Posts on Security, Cloud, DevOps, Citrix, VMware and others. Words and views are my own and do not reflect my company's views. Disclaimer: some of the links on this site are affiliate links; if you click on them and make a purchase, I make a commission.
Monday, February 20, 2012
Next #Citrix Consulting best practice webinar on Thursday 23rd February
Wednesday, February 15, 2012
VMware Global Alliances Blog: NetApp Releases Storage Best Practices for VMware vSphere 5 #vmware #netapp
Posted by Wen Yu
Alliances Staff SE
VMware® vSphere® 5, which shipped in the summer of 2011, delivers better application performance and availability for all business-critical applications while automating the management of an increasingly broad pool of datacenter resources. That includes storage technology from NetApp, a valued partner that has worked closely with VMware to develop solutions that work together seamlessly and accelerate the shift to cloud computing for our mutual customers.
As part of that effort, NetApp has released a comprehensive new publication that guides our customers through the deployment of solutions that combine vSphere with NetApp. The new NetApp Storage Best Practices for VMware vSphere (technical report TR-3749) includes valuable new content specific to the powerful new storage features in vSphere 5.
In his recent blog, Vaughn Stewart of NetApp raves about the report. It contains deployment considerations and best practices that have been validated by both NetApp and VMware. Contents include:
- An introduction to storage concepts in vSphere 5
- Updated storage maximums, supported options, and NetApp integration tables
- Support for the VSC with the vCSA or vCenter Server Appliance
- Host Profiles
- VMFS 5
- Storage DRS, affinity rules and maintenance mode
- SIOC or Storage I/O Controls
As you dig into this 118-page report, I suggest you pay close attention to the design best practices on the following topics that vSphere 5 customers are likely to find especially valuable:
- Protocol choices - vSphere 5 has full support for NFS, iSCSI, FCP and FCoE. Ever wonder which protocol to use and what to expect with each, in terms of usability, supportability and performance? The protocol benefits and considerations sections of the report will give you a clear rundown of what to expect with each, and guide you all the way through.
- Virtual Storage Console integration with VMware vCenter™ - If you have not used the Virtual Storage Console, then this section is also a must-read. Virtual Storage Console enables VI Administrators to have more visibility into the storage “black box”. When storage volumes are presented to the ESX server clusters, admins do not have any visibility into the volume: for example, datastore to flexvol relationship, dedup setting, actual volume size when thin provisioning is enabled. VSC completes the picture and brings all relevant storage backend related info to the VI admin.
- Storage IO Control usage with NFS and VMFS storage - With intelligent storage like NetApp FAS systems, SIOC settings can be configured to match with the array side for end-to-end quality of service control for the cloud infrastructure.
- Storage DRS considerations - When Storage DRS is configured to run in automatic mode, the storage vMotion migrations of VMs between datastores have implications on dedup-enabled volumes. Read this section and make sure all considerations are understood when you consider using Storage DRS with NetApp storage.
The final product is more than a testament to a great partnership. It’s a standard-setting resource that will speed the journey to IT and business transformation for our customers. I invite you to take a look at the best practices in the report and share your feedback or questions in the comments section below. We're always looking for ways to make our customers' lives easier!
Friday, February 10, 2012
Slide deck and recording now available for the Citrix Consulting Best Practice webinar held on the 9th February #citrix
XenClient Best Practices Series – Get rid of the “XenClient Tools not installed” alert #citrix
XenClient Best Practices Series – Citrix XenClient and AMD Graphics update #citrix
Wednesday, February 8, 2012
Citrix Consulting Best Practice: Phase 2 Analysis - understanding your existing IT infrastructure
Tuesday, February 7, 2012
VMware ThinApp Blog: Antivirus Scanning in a VMware View Virtual Desktop Environment That Includes ThinApp Virtualized Applications
By Tina de Benedictus, Technical Marketing Manager, Enterprise Desktop
When you have ThinApp virtualized applications installed in a VMware View virtual desktop environment, what do you need to do to set up antivirus protection?
You may think that ThinApp virtualized applications protect the desktop from viruses and other malware during application use because of the “virtual bubble” created for user activity. Yes, the ThinApp “virtual bubble” can offer a layer of protection against runtime modifications to files and registry keys. But running ThinApp virtualized applications is similar to running native applications on the desktop: you need to protect the desktop.
Configuring the ThinApp package to be fully isolated from the host desktop would give you more of a chance of protection against malware intrusions on the desktop. However, fully isolating a ThinApp package from the host desktop would mean that the package could not even read system files. In general, you configure a ThinApp isolation mode that allows at least some reading of files from the host desktop, and often you allow some writing to the desktop, such as to the My Documents and Desktop folders.
When you set up the isolation mode for a ThinApp package, you are specifying the permissions to read from and write to the host desktop. All writes that cannot go to the host system instead go to the ThinApp application sandbox. The sandbox is a folder on the local desktop system or on a file share and is as open to malware as other files are, so you also need to scan the sandbox.
You generally choose a ThinApp isolation mode setting where host system files are protected from writes. But non-system files can be written to, so you need to scan the host desktop system. Even nonpersistent View desktops need scanning so that files do not become corrupted during a View session.
For details on isolation modes, see Configuring Isolation Modes for the File System and Registry in ThinApp (Video Included).
Here is a summary of recommendations regarding ThinApp packages from a recently updated white paper on antivirus protection in a VMware View environment (Antivirus Practices with VMware View 5).
- Desktop where the ThinApp package is running: Run scheduled, on-demand virus scans of the View desktop, including during a user session. This includes scans of nonpersistent View desktops.
- ThinApp packages: When you create ThinApp packages, be sure to use a clean capture machine. Do not install a virus scanner or firewall on the capture machine.
- ThinApp Repository: Scan the View ThinApp Repository (Windows application share) periodically for viruses and malware. Use on-demand scanning during periods of low usage. If you are required to use on-access scanning, create separate primary data containers for ThinApp packages that are larger than a couple of megabytes. For details, see the white paper.
- Packages destined for the ThinApp Repository: Scan ThinApp packages before you place them in the ThinApp Repository.
- Package vulnerabilities: Consider using the eEye Retina vulnerability management tool to check your ThinApp packages.
- ThinApp application sandbox: Scan the ThinApp application sandbox, whether or not you delete it upon logout. The sandbox is a standard, readable folder in Windows. Exclude the sandbox from on-access scanning, and use on-demand scanning during periods of low usage. If a virus is detected in the sandbox, clean or delete the sandbox. A new sandbox is generated on the next application use.
- Sandbox within Persona Management: If you use View Persona Management with nonpersistent View desktops and do not want to retain the ThinApp application sandbox, exclude the sandbox from roaming.
- External drives: Because ThinApp package users can write to network drives and removable disks, regardless of the ThinApp isolation mode setting, scan these external drives with your virus checker, or guard against writes to these drives by setting Package.ini parameters.
Before you build the ThinApp package (the build machine does not have to be the same as the capture machine), run a virus scan against the ThinApp application project directory.
For more detail on the above recommendations, see the longer white paper: Antivirus Practices with VMware View 5.
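The Package.ini settings behind the isolation-mode, sandbox and external-drive recommendations above can be checked before a package is placed in the repository. The following is an added example, not part of the original post or of VMware's tooling; it assumes the ThinApp parameters DirectoryIsolationMode, SandboxNetworkDrives, SandboxRemovableDisk and RemoveSandboxOnExit in the [BuildOptions] section, and the sample file and the function name are constructed for illustration.

```python
import configparser

# Constructed sample Package.ini for illustration (not from a real project).
SAMPLE = """\
[BuildOptions]
SandboxName=ExampleApp
DirectoryIsolationMode=Merged
SandboxNetworkDrives=0
; SandboxRemovableDisk is absent, so removable-disk writes are not redirected
RemoveSandboxOnExit=1
"""

def audit_package_ini(text):
    """Map each Package.ini setting of interest to a scan-planning note."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(text)
    opts = cp["BuildOptions"] if cp.has_section("BuildOptions") else {}
    notes = {}

    mode = opts.get("DirectoryIsolationMode", "").strip().lower()
    if mode == "merged":
        notes["DirectoryIsolationMode"] = "writes reach host folders: scan host and sandbox"
    elif mode in ("writecopy", "full"):
        notes["DirectoryIsolationMode"] = "file writes are redirected: scan the sandbox"
    else:
        notes["DirectoryIsolationMode"] = "not set or unrecognized: confirm the mode manually"

    # Network drives and removable disks are written directly unless redirected.
    for key, target in (("SandboxNetworkDrives", "network drives"),
                        ("SandboxRemovableDisk", "removable disks")):
        if opts.get(key, "0").strip() == "1":
            notes[key] = f"writes to {target} go to the sandbox"
        else:
            notes[key] = f"writes to {target} land on the drive: scan it"

    if opts.get("RemoveSandboxOnExit", "0").strip() == "1":
        notes["RemoveSandboxOnExit"] = "sandbox deleted on exit: still scan it while in use"
    else:
        notes["RemoveSandboxOnExit"] = "sandbox persists: include it in on-demand scans"
    return notes

if __name__ == "__main__":
    for setting, note in audit_package_ini(SAMPLE).items():
        print(f"{setting}: {note}")
```
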