Tag Archives: Firewall

Horizon on VMC header

Horizon on VMC – Considerations and setting up a lab environment

A few months back, I setup a Horizon Environment running in our VMC environment used for lab purposes. Since then, I’ve been asked by several people to go through the setup. So, I’ve also decided to create a blog post on the matter.

This blog post will cover the considerations for running VMware Horizon on VMC, and the technical setup itself of the lab environment I created.

Update 4th May: I recorded a session for the London VMUG on this subject, which you can watch here.

Topics covered;

  • Horizon 7 on VMware Cloud on AWS is not DaaS
  • Horizon 7 on VMware Cloud on AWS Deployment Guide and Supportability
  • Feature Support
  • Horizon on VMC architecture
  • Platform Considerations
    • Identity Management
    • File Shares
    • Image management
  • Network Service
    • VMC Network Segments
    • Load Balancing
    • DHCP
  • Firewall Rules
    • Logging
  • Horizon Connection Broker Configuration
  • Some finl considerations
  • Further Resources
Horizon 7 on VMware Cloud on AWS is not DaaS

I will not cover the details of VMware Cloud on AWS (VMC) in this post, but you can read about it here.

Horizon 7 (or later), running on top of VMC, is not a Desktop-as-a-Service offering. For this, we have our Horizon Cloud offering, which currently supports Azure and IBM Cloud.

Horizon on VMC, acts the same as the on-prem offering, i.e. the same considerations and configurations as you would take, if you deployed Horizon in your own private datacentre.

You can stretch existing Horizon environments to also make use of the compute and storage in VMC, and setup Cloud Pod Architecture between the locations as well. Alternatively, you can run a full Horizon environment solely within VMC itself. By running within VMC, you also ensure your desktops are near in proximity to native AWS services, such as file services, global load balancing services to name some examples.

Horizon 7 on VMware Cloud on AWS is not DaaS Continue reading Horizon on VMC – Considerations and setting up a lab environment

visio networks

How to produce good documentation – Part 4 – Diagraming a network

So in my last post, I looked at how to record the logical information about your IP addresses and switchport locations, making it easier for troubleshooting in the future.

Now lets tackle the big one, how to produce good documentation when diagraming your network.

For this, I am going to use a real world example of a network I audited, and then made a visio diagram. Personally, I don’t believe this is one of the best visio diagram’s I have produced, however it includes a lot of various parts which I think are useful.

So below, you find the original hand drawn diagram as I was tracing cables and devices, and then the final product.

Note: Unfortunately I do not have the Visio file available for distribution used in this post.

The diagram

original diagramNetwork Diagram

Starting off

Continue reading How to produce good documentation – Part 4 – Diagraming a network

vmware

VMware NSX – Just an introduction

With my background in Networking and Virtualisation, VMware’s NSX is something which interests me deeply, as such I’ve attended a handful of sessions online, and also at the UK VMUG where Chris Whal presented on the subject.

Here’s my own interpretation of this new technology.

What is NSX?

Its software-defined networking, you don’t need to buy any hardware to implement it, although you do need a running VMware environment.

2014-11-30_22-00-16

Continue reading VMware NSX – Just an introduction

2014 11 05 21 43 35

How to produce good documentation – Part 2 – Rack and Server Diagrams

Oh no, diagrams! But, but, I’m not creative!

So we covered the foundation an environment in part 1, which is that hated word, which is documentation,

But that means you need diagrams, which is something most people struggle with, especially using Visio.

You’re not alone, I was the same, my documentation in my early days was shocking, and then I took on a consultancy role, where I was implementing solutions and having to produce documentation for customer. I had a steep learning curve.

So I’m going to take you into the first steps on how to diagram your Racks and the servers in them.

Visio and your stencils

So your going to need Visio, preferably 2013, but 2010 will be fine. And you need stencils of the hardware you’re creating a diagram of.

The best place to get 90% of your Visio Stencils is VisioCafe.

For others that do not appear on there, its easy enough to just google the vendor name plus Visio ;).

Here’s the file for the Visio diagrams.

Creating a diagram of your rack

So this is something I do for most of my customers, creating a diagram of the rack, mainly to show the bits I’ve stuck in, and so the customer knows which server is which, and then can refer to the rest of the document for what that bit of kit does.

2014-11-05_19-52-45 Continue reading How to produce good documentation – Part 2 – Rack and Server Diagrams

Cisco ASA – Allow traffic between two same security level interfaces

This is just a quick one,

A customer of mine has two companies running in the same building, using the same ISP connection, as such the Firewall is essentially the core of the network. I put in this network and although its not exactly best practise, its a case of making do with what they had and could afford.

Today he logged a support ticket stating he couldnt connect between two internal different subnets any more, (192.168.x.x and 172.16.x.x)

The fix for this was inputting the command; Continue reading Cisco ASA – Allow traffic between two same security level interfaces