vExpert Pro 2021

This year I applied for the VMware vExpert Pro program for the first time and was delighted to receive the news on Monday that I had been accepted.

What is vExpert Pro?

The idea behind the launch of the vExpert Pro program is to create a worldwide network of vExperts who are willing to find, support, and mentor new vExperts in their local communities.

VMware launched the program 2018 and describes vExpert Pro as cited below.

A vExpert Pro is a current vExpert who excels in their local region, adding value to the program and giving back to the community. This person has a strong relationship with the local IT community in general, and works as an advocate for the vExpert program, recruiting, mentoring and training people.

What does vExpert Pro mean for me?

I see it as an honor and recognition for the work I have been doing in and for the community over the last several years.

There is a large number of unknown experts around the world with a high level of knowledge and a willingness to share this expertise with others. They often lack just a little push to apply for the vExpert program. Many don’t consider themselves good enough or worthy of becoming part of the vExpert program. This is where the vExpert Pro will come into play. It is their mission as mentors to assist new experts in finding their way into the community.

I’ve been actively blogging since 2010, and for a long time I too considered my own content to be insignificant or not good enough. So it finally wasn’t until 2017 that I applied to become a vExpert for the first time. Back then, I would have appreciated a mentor like a vExpert Pro. This would have certainly helped me get to the vExpert program with more confidence and also much sooner. I consider this to be my primary mission as a vExpert Pro.

I have been actively mentoring in the VMUG Mentorship Program for some time now and have been coaching two candidates (mentees) from Indonesia and Poland. Here the focus is on personal development, training and improvement of communication skills such as public speaking. The vExpert Pro is the logical next step in this activity. I would like to guide talents in my region on the path to the vExpert and support them in every way possible.

Get in touch

Have you ever thought about joining the vExpert program? Did you abandon the idea because you lacked the courage or motivation? Then don’t hesitate to get in touch with me.

You can reach out on my Twitter handle @Microlytix, or LinkedIn, or my VMUG profile.

Don’t confuse a blog post with a deployment guide

Lab environments are a great thing. We can test new products on a small scale platform and demonstrate them as a proof of concept (PoC).

Like many of my fellow bloggers I write down my lab experience in little blog posts that I share with the community. I regularly read blogs and tutorials to keep myself informed about new products and techniques. There is hardly a topic in the field of virtualization that someone hasn’t written something about at some point. This is invaluable, as it gives you a quick introduction to what is usually a complex subject.

When reading my (and other) blog posts, you may get the impression that the described setup procedure follows the simple skip-skip-finish principle. In other words, accept the default values, click three times and the installation is complete. This might be true in the lab, but a real life deployment is miles away from a lab setup.

In the lab many things are simplified to the max according to the KISS principle (keep it simple and stupid). Some of the methods used are not necessarily in compliance with the manufacturer’s recommendations, or are outright forbidden in productive environments.

This means : Having read a tutorial by my favorite blogger [insert name here] does not enable me to transfer what I have learned 1:1 to a real project.

I have had several discussions about this in preliminary project meetings. People have asked why the planning phase takes so much time. They said that (they thought) the product was totally easy to install, as you can read on [insert name here]’s blog.

As a blogger and lab user, I know how to view these posts. They are to be understood as a quick introduction and an easy to understand overview of a new technology. This has very little to do with real world deployments. In this posting, I would like to point this out with the help of a few examples:

Continue reading “Don’t confuse a blog post with a deployment guide”

2020 – A retrospective view

I don’t think it’s an exaggeration when I say “2020 was a year like no other.” Pretty much everyone in the IT industry and elsewhere will confirm that. I’m taking this last day of 2020 as an opportunity to write my last blog article of the year and review important events for me in it.

January

The year began quite normally, almost like any other. After the turn of the year, tasks and projects for the coming months slowly started. According to experience, it is a quiet month, because many customers usually don’t resume work before the second week.

February

February had some of my personal highlights of the year.

We held a VMUG meeting in Nuremberg on February 13th. Today I have to add that it was an on-site meeting. At that time a matter of course. Today it sounds like a tale from a distant past. I myself had given a presentation there on the topic of “Strategies for proactive error prevention”. A closer look at the products VMware Skyline and Runecast Analyzer. What do they have in common and what are their unique selling points?

A long planned private trip took us to the high latitudes of the Arctic. Spitsbergen in winter. No other event left such deep impressions this year like this one. On February 14th, after 84 days of darkness, the long polar night ends on Spitsbergen and the sun comes above the horizon again for the first time. In mid-April, the sun will not set at all for another 99 days. In the time in between the ice desert shines in wonderful light. We love the Arctic and wanted to experience this natural spectacle and – of course – capture it in pictures.

Polar bear warning applies to the whole archipelago of Svalbard.

Exploring Spitsbergen means being away from civilization for many hours at temperatures down to -38°C. Always accompanied by an armed guide, because the island is polar bear country and you’re required by law to have at least one armed member in your party once leaving the settlement.

We’ve learned, for example, that such simple things like eating can be a real challenge at very low temperatures We’ve also witnessed what it means to be caught in a white-out when the sky merges into the coulour of the ice, visibility is close to zero and everything around you is just white.

Svalbard reindeer

While being abroad I got a pleasant notification in my inbox. I was nominated to be a vExpert for another year.

March

Our stay lasted until the first week of March. But the world we returned to was a different to the one we left. Already on the way we read news about Corona outbreaks and sold-out toilet paper. When we left Germany, Corona was hardly a topic. Now it was THE topic and would remain so for months.

On March 11th, the last German on site VMUG took place at VMware’s premises in Munich. I myself was co-organizer and speaker and had no concerns about the train ride and the meeting at that time. Looking back and with the knowledge of today, it was certainly not the brightest idea. We were unnecessarily putting ourselves at great risk. Washing hands alone is not enough against SARS-CoV-2. Luckily (as far as I know), the event had no further health consequences for anyone involved.

Continue reading “2020 – A retrospective view”

ExaGrid Time-Lock – Who’s (still) afraid of ransomware?

Introduction

Ransomware currently represents one of the most prominent threats to IT infrastructures. Reports of successful attacks are accumulating, the attacks are getting closer. More than 30% of all companies, institutes, universities or public authorities in Germany have already dealt with such attacks. In some cases, a ransom was paid to get access to their own data again.

Even with payment, success is never certain. After all, one negotiates with criminals. Authorities therefore advise against payment.

The essential protective measure against the consequences of such an attack is an up-to-date and consistent backup.

Ransomware vs. Backup

Unfortunately, attackers also know about the importance of backups. The currently circulating malware, such as Emotet or Ryuk, contain code that actively searches for backups on the net. Using previously obtained access data for Active Directory accounts or by attacking via RDP exploits or using the brand-new Zerologon exploit an attempt could be made to take over the systems that operate the data backup in the company or hold the backup data.

The automatic attack is often followed by hackers in the flesh who actively browse the net and try to destroy all backups. This is often an easy task, since backups today are preferably held on hard disk systems, permanently connected to the infrastructure.

The reason is obvious: If all backups are deleted or also encrypted, the compliance of the “customer” to pay his ransom increases by far.

Many approaches have therefore already been conceived to store the backup data out of reach of an attacker. A very simple and secure variant is an Air-Gap – a physical separation of the backup media from the system. For example, LTO tapes can be physically removed from the library.

Without this kind of time-consuming manual extraction – which would also have to be performed daily – the data remains latently vulnerable. It doesn’t matter whether it is stored on disk systems, dedup appliances, tapes in a library or even in an S3 cloud repository.

S3 cloud providers have therefore proposed an API extension called “Immutability” some time ago. With this, at least the backups in the cloud layer can be made immune to changes for a certain time.

Some of these solutions are natively supported by Veeam. Amazon AWS is one of them. Microsoft Azure is currently still missing. Furthermore S3 memory is not suitable for every application. A primary backup with Veeam on S3 is for example not directly possible. The S3 layer is only available as an extension of a scale-out backup repository.

Continue reading “ExaGrid Time-Lock – Who’s (still) afraid of ransomware?”