CalNet VMware Environment


1 CalNet VMware Environment
Consolidation and Upgrade

2 CalNet Environment Background
- Original driver was security concerns
- Lack of bastion hosts
- Recently encountered SQL Express limitations
- Need to move to a DBA-managed SQL instance
- This will increase cost
- Maintenance is not current on vCenter
- Need to purchase a license
- No accounting for time and materials
- Ongoing maintenance
- vCenter upgrade

3 Advantages to Shared Infrastructure
- Better monitoring from the Cloud Team
- Root password vaulting service
- Better auditing
- Automated remediation tools
- Properly maintained SQL backend
- No need to purchase a dedicated SQL instance
- One fewer vCenter license
- The current infrastructure does not get the attention it deserves from the Cloud Team because it is kept separate
- We can integrate the environment better while maintaining the required (or better) security

4 Current Environment

5 Consolidation Option
- Uses HyTrust for root password vaulting
- More granular auditing
- Uses vSphere for permissions and roles management

6 Advanced HyTrust Option
- HyTrust gives us the option of layering more advanced rules on top of the existing vSphere permissions model
- We can enforce constraints for things such as:
- Protocols used to access the environment
- Source and destination
- Mention that this helps us support forcing users through a terminal server that forces smart card use
- Mention that bastion host control means they would have to use two-factor on their accounts
- If someone got their account, they wouldn't be able to log in via the shared terminal server

7 Summary of Changes
- CalNet cluster is moved under common vCenter (aka win-pvi01)
- cal-pvi01 goes away
- CalNet still controls terminal server firewall
- CalNet cluster uses DBA-supported SQL
- CalNet ESXi hosts upgraded to version 5.0
- Root password vaulting implemented
- HyTrust logging implemented
- The process will be managed by the Cloud Team, with no outages required.

8 Demo
- Log in as administrator
- Show HyTrust Log
- Log in as Hearst colo customer jonathont
- Log in as CalNet Admin jt-dev-calnet

NOTES:
- The SuperUser role only applies to the HTA
- Need to add full admins to the default DC Admin role
- Had to unassign the read-only rule “VIRTUAL_CENTER CAMPUS\IST-Projects VM-Colo Client Access” from cld-da01 because even with DC and super user this was preventing my pvt account from doing permissions changes
- But then even the DC admin rule won’t freaking let me do it…
- So removed CCS-Projects-OA-gs from DC admin, now I’m ONLY a super admin
- So… the HTA will do operations on the permissions tab AT ALL?
- Gave campus\jonathont (sample colo customer) DC Admin rights, but granted specific VM User right in vCenter

