Blog

  • 20 VMworld Parties, Events, and Sessions You NEED to Check Out!

    20 VMworld Parties, Events, and Sessions You NEED to Check Out!

    August 21st, 2019
    Read More

    Even though High Availability, Inc. is not attending this year's VMworld 2019, some of our partners are, and they have some fantastic activities and offers in store for our customers!

    Here is our list of the Top 10 Vendor Events you NEED to check out if you're attending VMworld 2019! All of us at H.A. will be experiencing some major FOMO (fear of missing out) – that’s for sure…

     

    • VMunderground 2019 sponsored by Veeam and Cohesity
      • Sunday, August 25th | 8:00 p.m. - 11:00 p.m. | Tabletop Tap House
      • VMunderground, also known as the unofficial "pre-VMworld warm-up Party" provides VMworld guests a chance to kick back and relax with a few drinks before the week begins!
      • Click Here for more information.

         
    • Rubrik Customer Game Night
      • Sunday, August 25th | 7:00 p.m. - ???  | Emporium SF | *customers only
      • Hop on the waitlist and join the Rubrik team for a night of pinball, skeeball, air hockey, and fun at Emporium, San Francisco's most popular arcade bar. The event will also feature local bites, craft beers, and cocktails!
      • Click Here for more information.

     

    • Cohesity San Francisco Giants vs. Arizona Diamondbacks Tailgate Party
      • Monday, August 26th | 6:30 p.m. - ??? | San Francisco Giants Parking Lot A
        • It's game time! Join Cohesity for a VIP tailgate and watch the San Francisco Giants take on the Arizona Diamondbacks. The tailgate includes tickets to the game, pizza, drinks and a chance to take a photo with some of the team's World Series trophies!
        • Click Here for more information.

     

    • Level Up – Career Cafe sponsored by Veeam
      • Monday, August 26th | 7:00 p.m. – 8:00 p.m. | The Grove – Yerba Buena
      • Get real-world support from prominent IT industry leaders and recruiters when it comes to your IT career.
      • Note: $8 ticket price…make sure to get tickets in advance!
      • Click Here for more information.

     

    • NetApp VIP Reception
      • Monday, August 26th | 6:00 p.m. - 8:00 p.m. | Natoma Cabana 
      • Join the NetApp data experts at Natoma Cabana, a topical themed bar and restaurant, for a night of craft cocktails, small plates, and networking. Space is limited, so make sure to register ASAP!
      • Click Here for more information.

     

    • Rubrik & AWS VMworld Party
      • Monday, August 26th | 9:00 p.m. - ??? | August Hall
      • Join Rubrik, AWS, and the Wu-Tang Clan for the ultimate VMworld party experience.
      • Note: your VMworld badge and registration is required for entry
      • Click Here for more information.

     

    • Private Hamilton Performance with Cohesity
      • Tuesday, August 27th | 6:30 p.m. - ??? | SHN Orpheum Theatre
      • Take a meeting with Cohesity before VMworld and receive two tickets to Cohesity's private Hamilton performance!
      • Click Here for more information.

     

    • Veeam's Legendary VMworld Party 2019
      • Tuesday, August 27th | 8:00 p.m. - 11:00 p.m. | The Masonic
      • Check out musician Andy Grammer and DJ Damon with Veeam at The Masonic, one of San Francisco's most legendary concert venues. Space is limited!
      • Click Here for more information.

     

    • VMworld Fest Featuring OneRepublic
      • Wednesday, August 28th | 7:00 p.m. - 10:00 p.m. | Moscone Center and Bill Graham Civic Auditorium
      • Party with VMware and OneRepublic at the official VMworld extravaganza!
      • Click Here for more information.

     

    • Women of Workspace (WoW) Presented by Vmware EUC
      • Wednesday, August 28th | 5:00 p.m. - 7:00 p.m. | Social Terrace at the W Hotel
      • Participate in a panel discussion followed by networking, drinks, and appetizers. Connect with women across different industries who are driving digital transportation.
      • Click Here for more information.

     

    However....we weren't allowed to post a blog with JUST party events, so we have also compiled a list of the top 10 educational sessions you should attend between those parties!

     

    • Ask the Experts: Cloud Native Architects Behind Hundreds of Deployments
      • Thursday, August 29th | 9:00 a.m. - 10:00 a.m. | Moscone West, Level 2, Room 2024
      • Speakers:
        • Nicholas Lane, Cloud Native Architect, VMware
        • Duffie Cooley, Staff Kubernetes Architect, VMware
        • Hart Hoover, Cloud Native Architect, VMware
        • John Harris, Senior Cloud Native Architect, VMware
        • Scott Lowe, Staff Cloud Native Architect, VMware
      • This panel Q&A session will be led by the VMware Cloud Native Architects, who work directly with customers to install and operate Kubernetes, as well as integrate it with a host of other services for application deployment, monitoring, logging, security and more! These architects have hands-on experience. This is your chance to ask the experts questions about using Kubernetes, architecture patterns and anti-patterns, or integration points with existing services. They can draw on their knowledge and experiences to give you practical answers that will move your Kubernetes journey forward.
      • Note: there is also a series of similar events, facilitated by each expert, where you can ask the expert your toughest Kubernetes questions!
      • Click Here to learn more and to schedule your session.

     

    • Apply Machine Learning to Reduce 2 Day Troubleshooting and Headaches
      • Monday, August 26th | 11:00 a.m. - 12:00 p.m. | Moscone South, Esplanade, Room 151
      • Speakers:
        • Frank Chodacki, Sr Solutions Architect - IBM Cloud for VMware Solutions, IBM
        • Jack Benney, Senior Managing Consultant, Office of the CTO, VMware Solutions on IBM Cloud and Cognitive Software, IBM
      • VMware solutions such as ESXi, vSAN, and NSX can produce a large number of events to describe the running state of the system. However, the volume of these events can be time-consuming to diagnose and troubleshoot the problems. The VMware on IBM Cloud team has been applying Machine Learning techniques to recognize patterns of events that uniquely describe a single problem and provide relevant known fixes to these problems. This model will learn from real-world, troubleshooting experiences to become smarter over time. This session will explore the tools, techniques, and conclusions around building a Machine Learning model to help Systems Administrators diagnose VMware problems.
      • Click Here to learn more and to schedule your session.

     

    • Technologist for Good, Through Global Mentorship
      • Monday, August 26, 02:15 p.m. - 02:30 p.m. | Moscone South, Lower Level, The Square, Social Media & VMware Community
        • Speaker: Yadin Porter de Leon, Lead Advocate, Tech Level Up Project
      • One in every six children on the planet lives in a "conflict zone." War damages every aspect of a child's life. Children caught up in war lose their access to education, legal protection, and personal safety and security. War Child provides children with education programs, so they can get back into school. It gives them safe spaces, so they can get back to playing. And it trains parents and young people to help restore their ability to provide for themselves and regain a sense of security. Learn how remote "virtual mentorship" can help those in need, learn about things like running virtual machines or building websites. Find out how, with just a donation of your time and expertise, you can be a part of a program that helps to break the cycles of poverty and violence that plague war-torn communities.
      • Click Here for more information and to schedule your session.

     

    • Tackling Common Cloud Security Mistakes
      • Monday, August 26, 05:15 p.m. - 06:00 p.m. | Moscone West, Level 2, Meet the Experts, Table 11
      • Tuesday, August 27, 02:15 p.m. - 03:00 p.m. | Moscone West, Level 2, Meet the Experts, Table 11
      • Speaker:
        • Hadar Freehling, Cloud Security Solution Architect, VMware
      • Misconfigurations are the most common security risk that organizations face in the cloud. Join this discussion to understand what are the most common misconfigurations that organizations experience and how you can easily identify and remediate these issues.
      • Click Here to learn more and to schedule your session.

     

    • VMware CTO Panel: What's Over the Horizon?
    • Tuesday, August 27, 11:00 a.m. - 12:00 p.m. | Moscone South, Level 2, Room 203
      • Speakers:
        • Kit Colbert, CTO, Cloud Platform, VMware
        • Ray O'Farrell, EVP & Chief Technology Officer, VMware
        • Pere Monclus, CTO Network and Security BU, VMware
        • Greg Lavender, SVP & CTO, Cloud Architecture, VMware
      • VMware CTOs are at the forefront of our supersonic innovation pace. Over the past year, VMware has unveiled major solutions and initiatives in the areas of blockchain, edge computing, machine learning, service mesh, networking, and data management. Attend this session to learn what the future holds from VMware R&D. Ample time will be afforded for you to ask your most pressing questions directly to VMware's innovation leaders.
      • Click Here to learn more and to schedule your session.

     

    • How to Become the Platform Engineer of the Future
      • Tuesday, August 27, 12:30 p.m. - 01:30 p.m. | Moscone South, Level 2, Room 201
      • Speakers:
        • Matthew Steiner, Cloud Technologist, VMware
        • Martijn Baecke, Cloud Technologist, VMware
      • Are you thinking about what to do next? Do you see the cloud as a threat or an opportunity? Do you want to be the platform engineer of the future? As we enter the multi-cloud era, the traditional roles in IT are changing. In this talk, we will examine how the cloud landscape is rapidly evolving and the background to this change, as well as look into some of the key technologies supporting this change from VMware and the cloud ecosystem. We will discuss APIs, infrastructure as code, platforms as code, everything as a service, service brokering, and much more. At the end of this session, you will be equipped with what you need to know to become the platform engineer of the future, a role that will be one of the most valuable in the multi-cloud era.
      • Click Here to learn more and schedule your session.

     

    • HCI Management: Current and Future
      • Tuesday, August 27, 01:00 p.m. - 02:00 p.m. | Moscone West, Level 2, Room 2003
      • Speakers:
        • JunChi Zhang, Product Line Manager, vSAN, VMware
        • Christian Dickmann, vSAN Architect and Principal Engineer, VMware
      • This session repeats at every VMworld with great popularity. In this session, the VMware vSAN principal engineer and lead product manager will help you learn what hyperconverged infrastructure (HCI) management means and its vision, what new values HCI management has delivered since last year's VMworld, and new considerations from us and trending thoughts.
      • Click Here for more information and to schedule your session.

     

    • Customer Panel: What You Need to Know About Hyperconverged Infrastructure
      • Tuesday, August 27, 2:30 p.m. - 3:30 p.m. | Moscone West, Level 2, Room 2008
      • Speakers:
        • Matt Herreras, Senior Director, Product Marketing, VMware
        • Thomas Fukuyama, Sr. Director, IT Operations, Travelers
        • Lester Shisler, Senior IT Systems Engineer, Harmony Healthcare IT
        • Matthew Douglas, Chief Enterprise Architect, Sentara Healthcare
      • Hyperconverged infrastructure (HCI) adoption is off the charts, but is your organization prepared? What are the use cases, benefits, and potential pitfalls? Should you buy an appliance or deploy software? Who deploys and operates it—the virtual admin, storage admin, or someone else—and what organizational changes are required? Attend this panel discussion to learn the good, the bad, and the ugly in the real world from customers so you can be better prepared for the HCI wave.
      • Click Here to learn more and to schedule your session.

     

    • Protect Data-Driven Storage for Hybrid Multicloud
      • Tuesday, August 27, 03:30 p.m. - 04:30 p.m. | Moscone South, Esplanade, Room 151
      • Speakers:
        • Eric Herzog, CMO, and Vice President Global Channel Sales - IBM Storage Systems, IBM
        • Mitch Patro, Enterprise Systems Engineering / Enterprise Storage Services Manager, IBM
      • Hybrid and multi-clouds, spanning enterprise data centers, private and public clouds; are placing a new set of requirements on customers' storage systems. Customers must deal with the new realities of cloud migration, protecting older applications and data – while supporting for a new generation of cloud-native applications deployed with containers. See how data-driven storage solutions interconnect data among hybrid and multi-cloud solutions reaching extraordinary performance and ease their management among clouds. We will cover best practices, implementation considerations, and lessons learned raised by our customers and business partners who had boosted their productivity and revenue growth.
      • Click Here to learn more and to schedule your session.

     

    • The Virtually Speaking Podcast LIVE: The Future of IT - How Will You Fit in?
      • Wednesday, August 28, 10:00 a.m.- 11:00 a.m. | Moscone West, Level 2, Room 2008
      • Speakers:
        • Ken Werneburg, Technical Marketing Group Manager - Storage and Availability, VMware
        • John Nicholson, Senior Technical Marketing Architect, VMware
        • Pete Flecha, Sr Technical Marketing Architect, VMware
      • Ready for something different? The Virtually Speaking Podcast crew has three very special guests to discuss the future of IT and how we can position ourselves to excel as IT professionals. The roles of deep specialists and IT generalists are rapidly converging. Administrators now need to be 'specialized generalists' who know a fair bit about a fair number of things. Cloud, containers, hyperconverged infrastructure, network microsegmentation, are all the new wave of technology; With DevOps, AI and machine learning use cases changing not only the way we implement but the way we manage IT. In this session, we examine this shifting IT landscape, and discuss trends for personal tooling - how can we position ourselves to excel in this new landscape? What does the datacenter of the future look like, and what sort of people will it need?
      • Click Here to learn more and to schedule your session.

     

    • Core Storage Best Practices: Enabling Your Storage to Be Reliable
      • Wednesday, August 28, 01:00 p.m. - 02:00 p.m. | YBCA, Lobby Level, Theater
      • Speakers:
        • Cody Hosterman, Technical Director, Pure Storage
        • Jason Massae, Technical Marketing Architect, Core Storage, VVols, VMware
      • With all the different storage arrays and connectivity protocols available today, knowing the best practices can help operational efficiency and enable resilient operations. VMware's storage global service has reported many of the common service calls they receive. We will review some of the common mistakes made when setting up storage arrays. We will also go over the most common and most valuable configurations to maximize the value of your storage arrays and VMware vSphere.
      • Click Here to learn more and to schedule your session.
  • Cohesity – What’s New in 6.4

    Cohesity – What’s New in 6.4

    August 15th, 2019
    Read More

    If you are not familiar with Cohesity, you should be and here’s why!!!

    The problems with non-primary data:

    ·        Fragmentation – Multiple silos and vendors

    ·        Inefficient – Multiple copies and overprovisioned

    ·        Dark Data – Poor visibility and compliance risks

    Why should you care???

    The vast majority of an organization’s data—approximately 80 percent—is not actively in use in primary systems. Its data is stored in backups, archives, file shares, object stores, test and development systems, and analytics datasets both onsite and across public and private clouds.

    How does Cohesity help?

    They eliminate mass data fragmentation, by consolidating data management silos, and enabling IT to extract more value from their data in all the following use cases:

    So if you already knew all that, then you might be interested in hearing what’s new!

    Cohesity recently releases Pegasus 6.4 with A TON of new features that are certainly worth a look.

    To name a few:

    Runbook Automation

    ·        With 6.4, Cohesity introduces the ability to architect, orchestrate, and automate critical data management workflows, helping address the most significant unsolved challenges in disaster recovery. Now on MarketPlace, Cohesity Runbook makes it simple to systematically move workloads between on-premises data centers and the public cloud

    Enhanced Oracle and SAP Data Protection

    ·        Gain more control for Oracle RAC data protection. Define and configure the number of nodes and channels for backup and recovery across the entire RAC system. Speed on your terms has never been easier.

    ·        Protect Oracle environments, now on AIX. Have more options and protect Oracle workloads, regardless of the operating environment.

    ·        Simplify SAP HANA data protection. Leverage a stronger integration with SAP HANA: manage and view your most critical HANA data protection workflows, all from Cohesity.

    Simplified Data Management

    ·        Simplify workflows and see your data with a next-generation user interface. A redefined, modern user interface drives effortless data management, simply giving you more granular control.

    ·        Enhance security and simplicity with single sign-on, now with the leading identity providers. Improve the authentication user experience and integrate in minutes with Okta, Duo, Ping Identity, ADFS, and Azure Active Directory.

    ·        Leverage Helios to manage data and applications, now on-premises. Benefit from Helios, even in your most secure environments. With the ability to run in the cloud, and now, on-premises, Helios supports your infrastructure no matter where you are.

    ·        Protect your investment with a more flexible, non-disruptive scale-out. Combine Cohesity C2000 and C4000 appliances in a single cluster for increased flexibility as you scale.

    Cloud Enhancements

    ·        Run natively on AWS GovCloud and Azure Government Cloud. AWS and Azure customers have broad data management capabilities for secured government clouds that include backup and recovery, long-term retention, and analytics.

    ·        Leverage AWS S3 Glacier Deep Archive for long-term data retention.

    Effortless Backup and Recovery for Containers

    ·        Bring seamless backup, recovery, and data management to modern infrastructure with application-consistent backup and recovery for containerized workloads. With native integration with Kubernetes and the most popular container clustering and orchestration tools, Cohesity protects persistent application metadata and context – safeguarding the entire app, not just its data.

    These are just some of the enhancements that have recently been released along with many others. If your business is currently evaluating solutions in any of these areas, please call your HA rep and ask them to set up a meeting so we can chat ASAP:

    ·        Data Protection

    ·        Disaster Recovery

    ·        Business Continuity

    ·        Cloud

    ·        Archive

    ·        NAS

    ·        Object

    ·        Data Analytics

  • High Availability, Inc. Named to 2019 CRN Fast Growth 150 List

    High Availability, Inc. Named to 2019 CRN Fast Growth 150 List

    August 13th, 2019
    Read More

    High Availability, Inc. Named to 2019 CRN Fast Growth 150 List
    Recognition Earned for Exceptional Growth and Performance as an IT Channel Provider

    Audubon, PA, August 13th, 2019 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company, has named High Availability, Inc. to its 2019 Fast Growth 150 list. The list recognizes the fastest-growing technology integrators, solution providers, and IT consultants in North America. Channel providers making the list have experienced substantial growth between 2017 and 2018. The companies recognized this year have generated a combined total revenue of more than $55 Billion over the past two years.

    "We are thrilled to be one of only seven companies in the nation to be named to the CRN's 2019 Fast Growth 150 for the fifth consecutive year," said Steve Eisenhart, Chief Executive Officer of High Availability, Inc. "Our continued investments in our business, people and partners have led to incredible year-over-year growth and taken us to new heights. I would also like to recognize and thank our customers for their continued trust and loyalty as we would not be in the position we are without their support. We are excited about where we are as an organization and look forward to making it six straight years in 2020." Eisenhart concluded.

    Growth and profitability in the channel are noteworthy achievements as today’s channel providers compete in a highly disruptive and fast-paced industry. Ripples of constant change profoundly impact the channel ecosystem — requiring providers to continuously align with changing requirements. The 2019 Fast Growth 150 list recognizes these remarkable accomplishments.

    “There’s a great deal of growth and opportunity in the channel, and these companies are proof-positive that hard work and a commitment to service can pay off — even in a constantly evolving and highly competitive market like we have today,” said Bob Skelley, CEO of The Channel Company®. “These companies exemplify the best of the best; channel providers whose market strategies should serve as an inspiration to us all. We’re thrilled to honor these hard-working and well-deserving companies and wish them continued success.”

    A sampling of the 2019 Fast Growth 150 list is featured in the August issue of CRN Magazine and the complete list can be viewed online at www.crn.com/fastgrowth150.

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom-tailored systems and solutions to fit both current requirements and future IT and business needs.

    ###

    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or lthompson@hainc.com

  • WCCP with FTD

    WCCP with FTD

    July 16th, 2019
    Read More

    Often, during a firewall migration part of the configuration requires integration to a dedicated external web content filtering solution, for example, Cisco's Web Security Appliance (WSA).  There are multiple methods of implementing a web filtering solution, and one of those methods is to use Web Cache Communications Protocol (WCCP).  While the required configuration-set is a reasonably simple task on a Cisco ASA or a Cisco router, it's a *little* bit more complicated when migrating over to a Cisco Firepower Threat Defense (FTD) firewall appliance.  Something we often hear about Firepower Management Center (FMC) is that not all features are baked into the GUI and various configurations require the use of what's called FlexConfig.  One of those FlexConfig-required configurations happens to be WCCP.  Moreover, since FTD requires management via FMC, we need to use FlexConfig to get FTD to talk to the web filtering solution via a FlexConfig configuration-set.

    While reviewing the configuration template that Cisco provides within FMC, it looks a bit complex.  However, in the end, after looking at what's really needed, it's not that complex at all.  Let's take a look at their sample config.

    ============================================================

    #set( $service = "web-cache")

     #if( $isServiceIdentifier == "true")

     #set( $service = "$serviceIdentifier")

     #end

     #set ( $wccpCli = "wccp")

     #set ( $wccpCli = "$wccpCli $service")

     ####wccpGroupList is place-holder for extended ACL.

     ####Replace wccpGroupList with extended ACL defined in FMC by inserting policy-object of type extended ACL.

     #if( $wccpGroupList )

     #set( $wccpCli = "$wccpCli group-list $wccpGroupList")

     #end

     ####wccpRedirectList is place-holder for extended ACL.

     ####Replace wccpRedirectList with extended ACL defined in FMC by inserting policy-object of type extended ACL.

     #if( $wccpRedirectList )

     #set( $wccpCli = "$wccpCli redirect-list $wccpRedirectList")

     #end

     #set( $wccpCli = "$wccpCli password @wccpPassword ")

     $wccpCli

     #### Assiging wccp onto interface

     #foreach( $interfaceName in $security-zone)

     wccp interface $interfaceName $service redirect in

     #end

    ============================================================

    Whoa, there's quite a bit of "stuff" in there. 

    We are going to run through the configurations and use a much simpler FlexConfig set on our FTD appliance than what this sample template shows.

    In this lab, I'm going to be using a virtual FTD appliance and a virtual WSA appliance built using the topology shown below.

    The first step we'll do is create the access-lists that will define the interesting traffic that we will set to be redirected to WSA as well as an ACL for the gateways.

    Objects > Object Management > Access Lists > Extended > Add Extended Access List

    In this example, I'm going to use a name of "wccp-90" as my redirect list and "wccp-gateway" as my gateway list.

    Under the Extended Access List section, select "Add Extended Access List" and choose "Add" to create a new entry.  The action, as well as the source and destination for this entry, will remain the defaults.  Under the "Port" tab, move "HTTP" into the destination field and click "Add" then "Save".  Note that we are only going to work with HTTP in this lab, but HTTPS can be added here as well, it just requires additional certificate work which we'll keep out for simplicity of this environment.

     

    The second ACL we will create is for the gateways-list.  Following the same process as above, under the Extended Access List section, select "Add Extended Access List".  For a name, I'm going to use "wccp-gateways".  Click "Add" to create a new entry again keeping the action as the default of "Allow".  This time, we're going to have to create an object for our WSA server.  Next to the "Available Networks", select the "+" sign to create a new object.  Enter your object name (“wsa” in this environment) and the IP address of the WSA server (172.16.10.20) and click "Save".  Once that object is created, it can now be selected from the Available Networks list.  Locate that new "wsa" object and move it into the "Source Networks" section.  When complete, click "Add" then "Save".

    With our access-lists created, we can go and create our FlexConfig object.  Rather than using the wccp template config that is built into FMC, we're going to create a new object.  Under Objects > Object Management > FlexConfig > FlexConfig Object, select "Add FlexConfig Object" at the top right.  For the name of this new object, I'm going to simply use "wccp-flexconfig".  Here's where the template that Cisco provides and the config that we're going to use will differ but provide the same result. 

    Under the configuration section, this is going to take a mix of manual configuration as well as using the “Insert” button to add variables with the end result appearing as the config snippet below:

    =========================================================

    wccp 90 redirect-list $wccp-90 group-list $wccp_gateways

    wccp interface inside 90 redirect in

    =========================================================

     

    Start by manually typing "wccp 90 redirect-list ".  *Note the space entered after redirect-list.

    After "redirect-list", select the "Insert" drop-down menu.  Under Insert > Insert Policy Object > choose Extended ACL Object.  Provide a variable name within this environment, I entered "wccp-90".  From the Available Object list, move your "wccp-90" access-list created in a previous step and select "Save".  At this point, your configuration statement should be "wccp 90 redirect-list $wccp-90 ".  Next, we will need to add the group-list.  After "$wccp-90 ", manually enter "group-list" and using the same steps as with the redirect-list, select the "Insert" drop-down > Insert > Insert Policy Object > and once again choose Extended ACL Object.  Under the Available Objects section, move your wccp-gateways ACL to the Selected Objects column and click "Save".

    On the next line, we're going to enable the redirect process using the statement below:

    wccp interface inside 90 redirect in

    At this point, our FlexConfig object has been configured and we can now save that object.

    With our FlexConfig object successfully created, we will now go and assign that object to a policy which will then be assigned to our FTD appliance.

    Under Devices > FlexConfig > Create a "New Policy".  Give your new policy a name which in this case I just used "FlexConfig".  Under the "User Defined" objects, highlight and move the "wccp-flexconfig" object over to the "Selected Append FlexConfigs" section.  The last piece to this puzzle is to assign this new FlexConfig policy to the FTD appliance.  On this same window, select "Policy Assignment" at the top right under where the "Preview Config" and "Save" buttons are and move your FTD appliance into the "Selected Devices" column.  When done, click "OK", then "Save".

     

    voilà...just like that, you have WCCP configured on your FTD.  Easy, right?

    To verify, you can SSH into your FTD appliance and run all of the normal "show" commands that you could on a Cisco ASA. 

    > show running-config wccp

    wccp 90 redirect-list wccp-90 group-list wccp-gateways

    wccp interface inside 90 redirect in

    >

    >

    > show access-list wccp-90

    access-list wccp-90; 1 elements; name hash: 0x1a10f12

    access-list wccp-90 line 1 extended permit object-group ProxySG_ExtendedACL_8589934661 any any log informational interval 300 (hitcnt=0) 0x1063ff01

      access-list wccp-90 line 1 extended permit tcp any any eq www log informational interval 300 (hitcnt=0) 0xedff4076

    >

    >

    > show access-list wccp-gateways

    access-list wccp-gateways; 1 elements; name hash: 0xdd6d9d02

    access-list wccp-gateways line 1 extended permit object-group ProxySG_ExtendedACL_8589934683 object wsa any log informational interval 300 (hitcnt=11) 0xcaa7d25c

      access-list wccp-gateways line 1 extended permit ip host 172.16.10.20 any log informational interval 300 (hitcnt=11) 0x3c22ac49

    >

    > show wccp

    Global WCCP information:

        Router information:

            Router Identifier:                   172.16.10.254

            Protocol Version:                    2.0

        Service Identifier: 90

            Number of Cache Engines:             1

            Number of routers:                   1

            Total Packets Redirected:            866

            Redirect access-list:                wccp-90

            Total Connections Denied Redirect:   0

            Total Packets Unassigned:            0

            Group access-list:                   wccp-gateways

            Total Messages Denied to Group:      0

            Total Authentication failures:       0

            Total Bypassed Packets Received:     0

    From this output, we can see that we now have a GRE connection from the FTD appliance to the WSA server and traffic is being redirected.  We can also see that from the client workstation, when a policy is written to block Auction sites, the content is successfully blocked.

  • Cisco's Cloud Defense Orchestrator - Alive and Kicking

    Cisco's Cloud Defense Orchestrator - Alive and Kicking

    June 24th, 2019
    Read More

    Cisco has a cloud-based management tool for IOS routers, ASAs, FirePOWER on ASA, ASA on FTD, Umbrella and real soon FTD on FTD.  A once forgotten about application, Cisco Defense Orchestrator (CDO) is still alive and kicking. 

    CDO provides much-needed automation when delivering policy changes, software upgrades, and configuration assistance across a  plethora of Cisco security products.  It is also primed to add more value hooking into Stealthwatch's cloud offering for logging and advanced threat analytics in the near future.

    Managing multiple firewalls can be daunting. Duplicate object and entries, shadow IT rules, and lack of an audit trail has made a Cisco firewall admin's job less than smooth.   Cisco does have a Security Manager product, but it is clunky, hard to use, and doesn't plug into with any of the next generation firewall features.  Clearly, something better is needed.

    Along comes CDO.  It advertises being "up" in minutes and adding value day 1.  It is a true SAAS offering with device-specific licensing required.  You purchase the quantiles needed by model and device type and choose a duration for the service.

    We will run through the turn-up process to show how quickly we can get started with CDO.

    #1 After our CDO account is created, we are required to setup MFA.  With that completed, we login to CDO and begin setting up our account.

    #2 We set up a Secure Device Connector  (SDC) from our portal.  We have two options for CDO to manage our equipment.   We can choose to have our devices managed directly from the cloud (they need to be directly accessible over the internet) or use an onsite proxy server.   We can build our own SDC with any CentOS box (8 MB of RAM 10G of disk) or deploy a pre-configured VMWare OVA file.  We also have the option of importing configurations for offline management of boxes we can't manage directly. 

    CDO – Wizard – Getting Started

    CDO – Wizard – Getting Started

     #3 Next, we are off to adding devices.  The configurations will be reviewed, and recommendations are generated to help with some common configuration problems.

    In this example, we have onboarded an ASA using the Cloud Secure Device Connector.  This is provided at no cost. If we are adding a device that is managed through the same interface that is providing Anyconnect VPN, we need to change our default port number for ASDM.

    ASA Changes for CDO access

    http 52.34.234.2 255.255.255.255 outside

    http 52.36.70.147 255.255.255.255 outside

    http server enable 8443

     

    CDO – Wizard – Getting Started

    • First we choose our device type

     CDO – Wizard – Getting Started

    • Next we provide device specific information

    CDO – Wizard – Getting Started

    • After confirming it can connect to the device we are prompted for credentials.

     CDO – Wizard – Getting Started

    In just a few minutes CDO has onboarded the device and is evaluating the policy

     

    Policy Feedback - Clearly some work to be done!

     

    Examine Shadow IT rules

     

    We can also drill down to are heavy hit rules and see if there are any misconfigurations or obvious optimizations to be made.

     

     

     

      

     

    Troubleshoot VPN issues

     

       

     

    Perform bulk upgrades   

     

     

    Review audit logs

     

    Some other popular use cases are listed below. 

    • Reduce errors and misconfigurations with device templates
    • Discover inventory based on Smart License inventory (FTD 6.3 +)
    • Configure NGFW features with wizard walkthrough ease and feel
      • Easy roll back with multiple configuration revisions
      • Take advantage of licenses sitting dormant and unused
    • Migrate platforms
      • ASA to FTD, ASA to MX, MX to FTD
    • Manage a single block list across multiple Cisco security products
    • Perform rapid device deployment and replacement
    • Bulk upgrades with pre-staging
      • Supports intelligent failover monitoring

     

    This is truly one of Cisco's more affordable solutions.  It’s able to support new and legacy devices easing the transition and streamlining new deployments.  For more information feel free to contact us at info@hainc.com

  • High Availability, Inc. Recognized on CRN’s 2019 Solution Provider 500 List

    High Availability, Inc. Recognized on CRN’s 2019 Solution Provider 500 List

    June 12th, 2019
    Read More

    High Availability, Inc. Recognized on CRN’s 2019 Solution Provider 500 List
    CRN's 2019 Solution Provider 500 list ranks the top integrators, service providers and IT consultants in North America by services revenue.

    Audubon, PA, June 12th, 2019 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company, has named High Availability, Inc. to its 2019 Solution Provider 500 list. This annual list ranks the largest North American IT channel partner organizations by revenue. The Solution Provider 500 is the industry standard for recognizing the highest performing technology integrators, strategic service providers and IT consultants. It is the industry's predominant channel partner list, serving as a valuable resource for technology vendors looking to partner with top solution providers.

    The Solution Provider 500 is CRN’s predominant channel partner award list, serving as the industry standard for recognition of the most successful solution provider companies in the channel since 1995. The complete list will be published on CRN.com, making it readily available to vendors seeking out top solution providers to partner with. 

    "We are honored to be recognized on CRN's Solution Provider 500," said Steve Eisenhart, Chief Executive Officer of High Availability, Inc. "We are very excited to have increased our position on the list for the 7th straight year to #224.  This achievement is a tribute to our dedicated and talented employees, loyal customers, and supportive business partners. We will continue to make investments in the right people, the right partners, and the right technologies to advance as an organization and improve our ranking on this list again next year." Eisenhart added.

    “The companies on this year’s list represent an incredible combined revenue of $320 billion, a sum that attests to their success in staying ahead of rapidly changing market demands,” said Bob Skelley, CEO of The Channel Company. “Congratulations to the solution provider organizations leading the way in digital transformation and the latest technology services.”

    The complete 2019 Solution Provider 500 list is available online at www.CRN.com/SP500 and a sample from the list will be featured in the June issue of CRN Magazine.

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.

  • Solving Citrix Problems Before They Are Noticed

    Solving Citrix Problems Before They Are Noticed

    May 15th, 2019
    Read More

    It seems that VDI and DaaS keep growing every year! New solutions are put on the market, and long-term players keep adding new features to their products. But, if you ask me, Citrix is still the #1 player on the market with their virtual apps and desktops solution.

    Virtual apps and desktops provide security while working remotely, which is a necessity with the increase in work-from-home positions. While "work-from-home" is the trend, employees aren't always necessarily at home while working. In fact, some employees may prefer to work between meetings and utilize public Wi-Fi. This makes data protection more important than ever.

    But, what happens when employees cannot access their virtual desktop infrastructure? As IT admins, we know this situation all too well. The problem is usually easy to fix, but could it have been prevented?

    This is where Application Probing comes into play, which can be found in the latest release of Citrix Virtual Apps. With the release of b7.18, admins can now troubleshoot individual applications in addition to clients/hosts, sessions, and users all through Application Probing.

    Application Probing works with the Application Probe Agents. These agents are installed on an endpoint machine or VM and periodically test whether an application is available and can be started.

    The agent executes application probing as per the probe configuration it fetches from the director. The application probe tests the availability of the tested application on five levels:

    StoreFront Reachability – Is the configured StoreFront URL reachable?

    StoreFront Authentication – Are the configured StoreFront credentials valid?

    StoreFront Enumeration – Is the tested application available in Storefront?

    ICA download – Is the ICA file available and can it be downloaded?

    Application launch –  Can the application be launched?

    The installation of agent configuration is pretty straightforward. The only condition for installing the agent is the availability of Citrix Receiver version 4.8 or higher.

    This feature has auto email alerts support, which sends email notifications whenever there is an application launch failure. So, Citrix administrators do not need to log in every day and start being proactive in solving solutions.

    Interested in this feature? Take a look at this following Citrix page.

  • .NEXT 2019 Recap

    .NEXT 2019 Recap

    May 13th, 2019
    Read More

    The 2019 Nutanix .NEXT conference, which took place in Anaheim, California in May, provided IT leaders from around the globe with a tremendous amount of information regarding enterprise data center and cloud technologies.

    So what is the .NEXT event? .NEXT is an annual conference that primarily focusses on the progress, innovation, and expansion of the entire Nutanix portfolio. The event is best known for educational opportunities. Unlike many other vendor conferences, .NEXT offers attendees the chance to sit in on classes, hands-on labs, and even take advantage of in-person certification testing. 

    Since High Availability, Inc. is now implementing and manager far more Nutanix HCI environment than we ever have before - we knew we had to attend (again). Here are a few takeaways and announcements from the event concerning some Nutanix solutions:

    Nutanix Mine:
    Nutanix Mine is a new open solution that integrates secondary storage operations with the Nutanix Enterprise Platform. Mine will provide native integration with industry-leading backup vendors (Veeam, HYCU, Commvault, Veritas, Unitrends...). This integration means you can now manage your HCI environment and backup operations from a single console to reduce the cost and complexity of storage management. 

    Xi Frame:
    Acquisition by Nutanix from Frame, Inc., Xi Frame offers Desktop as a Service through your browser without the need of a plugin via HTML-5. Take a browser, anywhere in the world, and start your own desktop or start applications directly from within the browser. You only pay for what you use.  Xi Frame can now run on AHV and extends its desktop delivery capabilities beyond public cloud infrastructures like Azure and AWS.

    Xi Epoch:
    This offer solution offers an overview of your cloud applications. It gives a clear view of the interactions between your applications, without being dependent on one framework or a specific language. IT also includes performance monitoring and a tool to investigate application outages.

    Xi Leap:
    Don't have the time or budget to manage your DR infrastructure? XiLeap is a DR as a Service solution delivered from Xi Cloud. XiLeap is a no-install solution that eliminates the complexity of setting up VPN tunnels and routing protocols to enable reachability between the on-prem and cloud networks. Xi Leap is now expanding cloud-based disaster recovery services to new availability zones.

    XI IoT:
    The Nutanix IoT platform called Xi IoT platform now offers new capabilities to develop and deploy IoT and AI applications in the cloud or at the edge. You can now streamline the development of IoT and AI applications with seamless connectivity to cloud and your own datacenter resources.

    Interested in attending .Next in 2020? The sixth annual .NEXT conference takes place in Chicago from June 30th - July 2nd. 

Join the High Availability, Inc. Mailing List

Subscribe