Secure by Default – Why did it take something like GDPR to do this?

I look at Twitter, and see everyone talking about the massive amounts of emails surrounding the changes companies are having to make as a result of GDPR. What is GDPR? Well if you like to read legislation, you can start here: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN. That’s a lot of info and legalese. One of the things that I took… Read More »

Understanding vSAN Encryption – KMS Server Accessibility

vSAN 6.6 introduced data at rest encryption as a new feature that provides another choice (in addition to VM Encryption introduced in vSphere 6.5) for customers to secure data in vSphere. Despite the fact that these technologies work a bit differently (per datastore for vSAN Encryption or per VM for VM Encryption) these technologies still… Read More »

Understanding the vSAN Witness Host – Traffic Tagging

With 2 Node and Stretched Cluster vSAN, a vSAN Witness Host is used. This can be a physical vSphere host or a VMware provided virtual appliance. Using the vSAN Witness Appliance is easy, does not require any additional licensing, and has much of the configuration standardized (sizing, disks, tagged ports). A second VMkernel port (vmk1)… Read More »