Some stuff collated/new/learnt since Tech
Roundup - 31st December 2019 with headings:
Google Anthos:
NetApp Customer Stories
AWS, Certificates (SSL), Cisco, FlexPod, Google Cloud,
HP, IT Industry News/Commentary, Kubernetes, Microsoft, NetApp, pfSense,
RedHat, Security, Tech Field Day, Veeam, Zone to Win
AWS
AWS Build a Winning Pitch Deck Workshop ... | Mar.10.2020
| London, England
... is designed to help pre-seed startups develop a
fundraising narrative and build a pitch deck that serves as their tool to
getting funded.
AWS Summit London | ExCel London | April 29, 2020
AWS Powers Guinness Six Nations Rugby Stats
Guinness Six Nations Matchstats
Certificates (SSL)
Microsoft Teams goes down after Microsoft forgot to renew
a certificate
Summary of Windows Azure Service Disruption on Feb 29th,
2012
https://azure.microsoft.com/en-us/blog/summary-of-windows-azure-service-disruption-on-feb-29th-2012/
Let’s Encrypt: Why ninety-day lifetimes for certificates?
Certbot
Certbot is a free, open source software tool for
automatically using Let’s Encrypt certificates on manually-administrated
websites to enable HTTPS.
Cisco
“The gateway in a Cisco ACI stretched layer 2 network
can only reside on one site and has no capability to fail over to another site
in case of a site loss.”
UCS Platform Emulator Downloads: UCSPE 4.0(4ePE1) / UCSPE
3.2(3ePE1)
Armis has discovered five critical, zero-day
vulnerabilities in various implementations of the Cisco Discovery Protocol
(CDP) that can allow remote attackers to completely take over devices without
any user interaction.
FlexPod
FlexPod Datacenter for AI/ML with Cisco UCS 480 ML for
Deep Learning - Design Guide
FlexPod Datacenter for AI/ML with Cisco UCS 480 ML for
Deep Learning - Deployment
Google Cloud
File storage made easier with NetApp Cloud Volumes, now
GA
NetApp Cloud Volumes Service for Google Cloud
Google Anthos:
Press
coverage:
Blog.NetApp.Com:
NetApp Trident:
Trident
is available on NetApp’s GitHub site.
Details
on deployment and configuration are available in the Trident
documentation and at http://netapp.io.
HP
“Cartridge cannot be used until printer is enrolled in HP
Instant Ink”
HP Instant Ink
Save up to 50% on ink!
Monthly printing plans based on the number of pages
you print not the amount of ink you use!
“By the way, did you know that printer ink is actually the most expensive liquid
on this planet?”
HP explains why printer ink is so expensive
IT Industry
News/Commentary
Jan 3, 2020: Blockchain 2020 – thoughts, comments and the
future
Kubernetes
Container, Kubernetes & Microservices – how NetApp
can help
“You
will find this presentation a valuable trove of useful tricks. Enjoy.”
Microsoft
Outlook
for Windows rolls out its simplified user experience and if you don’t
like it...
How to revert to an earlier version of Office
Applies to: Office 2019, Office 2016, Office 2013
Note: This article doesn’t apply to MSI versions of
Office.
And if that doesn’t work...
1. Start the elevated command prompt (START > CMD
> right-click and select "Run as administrator")
2. Paste and run "C:\Program Files\Common
Files\microsoft shared\ClickToRun\OfficeC2RClient.exe" /update user
updatetoversion=16.0.11328.20512
3. Once the older version is installed, open any
Office app, go to File > Office Account and select Disable updates (under
Product Information)
Links for:
Event Properties - Event 2020, MSMQ: “The Message
Queuing service cannot start”
Tip: If you want the Message Queuing service to start
automatically, having it on a VMDK works, but in-guest iSCSI does not (since
the iSCSI storage isn’t immediately available to the O/S when it boots.)
NetApp
IDC PERSPECTIVE: A New NetApp Is on the Rise
On-Demand Webinars:
NetApp Blog
(blog.netapp.com):
Feb 3, 2020: Active
IQ Unified Manager 9.7: Risk Management, Self-Healing, Smart Analytics, and
Much More
Dec 20, 2019: How to
Deploy Cloud Volumes On-Premises with NetApp HCI
Dec 20, 2019: IDC
MarketScape Report 2019: NetApp Is Again Named a Leader in Object Storage (Also
see: http://idcdocserv.com/US45354219e_Netapp)
NetApp Cloud (cloud.netapp.com):
Feb 17, 2020: Busting 5
Cloud Migration Myths
Jan 6, 2020: How
Tiering Data Benefits Retailers
Dec 30, 2019: Hosting
Legacy Apps in the Cloud: Is It Possible?
Image: Windows Virtual Desktop (and Citrix) on Azure -
Optimize End User Experience with Azure NetApp Files (ANF)
Dec 16, 2019: Refactor
Monoliths Into Microservices in Cloud
Mar 14, 2019: Genomics
Data Puts NetApp and AWS to the Test
NetApp Customer Stories
[Video] Arc’teryx: Preparing to scale globally with
NetApp Cloud Volumes ONTAP
[Videos] NetApp Video Library: Customer Stories
+ more...
NetApp Cloud Manager
and Cloud Compliance:
Cloud Manager
Documentation: https://docs.netapp.com/us-en/occm/index.html
FlexCache with Cloud Volumes ONTAP: https://youtu.be/PBNPVRUeT1o
Cloud Compliance
NetApp HCI:
How
a Disaggregated Architecture Can Lower HCI Total Cost of Ownership:
[Impact: High] NetApp H-Series BIOS update to reduce
memory and machine check errors
Recommend updating the BIOS as part of the HCI
Installation.
HOW TO: Reduce the wear on the boot drive of a NetApp HCI compute node
https://kb.netapp.com/app/answers/answer_view/a_id/1096435
(login to see full article)
Recommend doing this as part of the HCI Installation.
Where vCenter was deployed using IP address, not FQDN...
...to rename to FQDN, it can only be done from vCenter
6.7U3 as per this article:
H410 Protection Domains
Extending storage availability across chassis.
- Node/chassis location awareness data layout
- Automatically detects H410 chassis and node
configuration
- Double-helix data layout ensure that primary and
secondary data blocks span domains
- Domain level capacity monitoring
- Minimum of three chassis required for domain level
resiliency
Image: H410 Protection Domains
NetApp HCI Return to Factory Image (RTFI)
By Allen Johnson | January 25, 2020
NetApp Miscellaneous:
Trident
Demo - requires NetApp LoD access (customizes LoD "Using Trident with
Kubernetes and ONTAP")
NetApp.io (NetApp
DevOps Community):
New since Tech
Roundup - 31st December 2019:
NetApp TechONTAP
Podcast:
New since Tech
Roundup - 31st December 2019:
NetApp NVAs:
New since Tech
Roundup - 31st December 2019:
NVA-1143: NetApp HCI - NIST Security
Controls for FISMA with HyTrust for Multitenant Infrastructure
NVA Design and Deployment
NVA Design and Deployment
NetApp TRs:
New since Tech
Roundup - 31st December 2019:
TR-4817: SAP Data Hub in
NetApp Kubernetes Service
TR-4816: Performance Characterization of NetApp Cloud Volumes ONTAP for Google Cloud
TR-4815: NetApp AFF A800 and Fujitsu Server PRIMERGY GX2570 M5 for AI and ML Model Training Workloads
TR-4814: S3 Public Preview: ONTAP 9.7
TR-4813: Managing Certificates for NetApp E-Series Storage Systems
TR-4810: NetApp ONTAP and Lenovo ThinkSystem SR670 for AI and ML Model Training Workloads
TR-4816: Performance Characterization of NetApp Cloud Volumes ONTAP for Google Cloud
TR-4815: NetApp AFF A800 and Fujitsu Server PRIMERGY GX2570 M5 for AI and ML Model Training Workloads
TR-4814: S3 Public Preview: ONTAP 9.7
TR-4813: Managing Certificates for NetApp E-Series Storage Systems
TR-4810: NetApp ONTAP and Lenovo ThinkSystem SR670 for AI and ML Model Training Workloads
NetApp-ONTAP Python SDK:
...
authoring some Python code using the newly released netapp-ontap Python SDK?
To
find help for export policies:
Module netapp_ontap.resources.export_policy
NetApp ONTAP LUN rename:
Easy to
do and non-disruptive, just needs:
lun
move-in-volume -vserver SVM_NAME -path CURRENT_PATH -new-path NEW_PATH
Questions about NetApp impact related to released LDAP signing and
channel binding security advisories published Microsoft:
NetApp customer facing KB:
Also
see:
“What
about ONTAP and LDAPS?
How
do we do (configure) it?
- Change
the port in the ldap config to port 636.
- Make
sure -use-start-tls is turned to false
- And
the enterprise root cert is installed into ONTAP.”
Related Microsoft URLs:
pfSense
Netgate pfSense Security Gateway Appliances for the
public cloud (Amazon AWS and Microsoft Azure), and private cloud (hardware
appliances):
Download the Community Edition appliance for VMware vSphere, Microsoft
Hyper-V and Proxmox:
RedHat
Disaster Recovery Strategies for Applications Running on
OpenShift
Image: OpenShift deployment topologies
Security
NetApp is on the DoDIN (Department of Defence Information
Network) Approved Products List.
Search for:
Device Type = “Data Storage Controller”
Vendor = “NetApp, Inc.”
For ONTAP 9.6 and 9.7, all these controllers are
certified:
FAS8040, FAS2520, FAS2552, FAS2554, FAS2620, FAS2650,
FAS2720, FAS2750, FAS8020, FAS8060, FAS8080EX, FAS8200, FAS9000, AFF A200, AFF
A220, AFF A300, AFF A700, AFF A700s, AFF A800, AFF8020, AFF8040, AFF8060,
AFF8080EX, FAS8300, FAS8700, AFF A400
Tech Field Day
[Videos]
NetApp Introduction to Active IQ
NetApp Active IQ Platform Architecture
NetApp AIOps
NetApp The New Active IQ Experience Demo
NetApp StorageGRID - Object Storage for What's Next
Veeam
NetApp primary storage users:
New versions of Universal Storage API plug-ins for:
NetApp Element Plug-in 1.0.10 (with a couple of
enhancements around our SolidFire integration)
Also, an important note regarding NetApp ONTAP 9.7 support: this was found to
be a "breaking" release due to an API change, so it will require v10.
The RTM build does NOT support ONTAP 9.7 yet, as we finished testing after it
was already shipped. However, we managed to include the required change into
the GA build.
Veeam Snapshot Hunter is awesome!
Veeam: V10: Better
Backup: Faster. Stronger. Smarter.
Watch the recording of the Feb. 18 launch event and find
out what’s new in Veeam Availability Suite.
Veeam Availability Suite 10 unattended installation [with
Ansible]
Veeam Backup & Replication Chocolatey packages
Veeam NAS and File Share Backups
From Gostev’s Veeam
Community Forums Digest:
January 27 - February 2, 2020
“... it appears Microsoft Azure had a critical
vulnerability (CVSS score of 10.0) last year, which allowed the attacker to
escape the Sandbox of a cloud VM, overtaking the host and so other VMs running
on it. I always thought of public cloud as of subway in that sense – if you
take one, you have to watch your pockets, and have a copy of your documents at
home (or in the hotel). But, do you keep a copy of your cloud VMs backups at ‘home’
(your on-prem datacenter in this case) though? Because we'll for sure keep
seeing such vulnerabilities in future with all hyperscalers, and their primary
"use case" will be to delete VM snapshots and deploy ransomware
> Perfect 10.0: This Is a Cloud Security Nightmare”
January 27 - February 2, 2020
“... one of the participants performed a live demo of BitLocker encryption bypass via TPM module sniffing. The key take away here is that the "default" BitLocker setups without pre-boot authentication can be more or less easily bypassed! So I'm now wondering how many BitLocker-enabled laptops carrying sensitive data were lost with IT thinking the data is safe, when it was not.”
“... one of the participants performed a live demo of BitLocker encryption bypass via TPM module sniffing. The key take away here is that the "default" BitLocker setups without pre-boot authentication can be more or less easily bypassed! So I'm now wondering how many BitLocker-enabled laptops carrying sensitive data were lost with IT thinking the data is safe, when it was not.”
February 10 - February 16, 2020
“How you prevent BitLocker encryption bypass attack
via TPM module sniffing with pre-boot authentication. It assumes you have
BitLocker already enabled, otherwise there's nothing to bypass!
1. Logon to Windows with an administrator account.
2. Open the Group Policy Editor (click Start, type
"gpedit.msc").
3. Select Computer Configuration > Administrative
Templates > Windows Components > BitLocker Drive Encryption >
Operating System Drives folder, and double-click the "Require Additional
Authentication at Startup" option.
4. In the dialog that opens, select
"Enabled" radio button at the top left.
5. In the "Configure TPM Startup PIN"
drop-down list below, select "Require Startup PIN With TPM" option,
and click OK to save changes.
6. Launch elevated command prompt (click Start, type
"cmd", right-click and select "Run as administrator").
7. Run "manage-bde -protectors -add c:
-TPMAndPIN" and set PIN (minimum length is 6 digits).
You're done! Other useful commands include
"manage-bde -status" to check your protection status, and
"manage-bde -changepin c:" to change PIN. Also, keep in mind that
BIOS and TPM firmware updates require suspending BitLocker using the Manage
BitLocker snap-in.”
Zone to Win
[Video] Zone to Win - Organizing to Compete in an Age of
Disruption, by Geoffrey Moore
Comments
Post a Comment