Saturday, November 11, 2017

Early November 2017 - Events and Technologies review

It seems that this week I had more events that one can possibly attend, and it should be few weeks to process. Someone mentioned to me recently that the technology is moving so fast and no one cares if you were Exchange 2003 guru 14 years ago, your skills need to be current in technology and it means continuous training all the time. So pour us technology guys who have to learn how to socialize.

It’s official – my application has been approved and I’m Vancouver VMUG Leader among with two other exceptional individuals – hope to get more interesting topics and speakers to be brought to VancouverVMUG next year. I already got a lot of support from Western Canada VMware team and community! Thank you Everyone!

We’ve considered doing another small event this year however the holiday season is approaching rapidly – it will make sense to do the next event in 2018. In my packet pushers blog post – I’ll cover Datrium and Rubrik technologies that were presented at Vancouver VMUG meeting this week.

TechVancouver had a couple of very inspirational talks one from Jeremy Baker (Retail Zipline) on mentorship. For me the most interesting part of Jeremy’s experience is view on Silicon Valley from a Canadian who’s born and raised in BC – very eye-opening remarks around culture, approaches, past and future of the tech. Also, Francis Dupuis, President & CEO of PayByPhone almost  sconfession presentation reminded me that most of technologists forget about everything else when the technology is cool – it’s definitely an alarm that I wish was embedded in my head. The rest of the talks also was very interesting and touched the points that don’t cross my mind daily.

Another thing this week is iTech conference Vancouver – unfortunately due my other obligations I couldn’t listen to too many sessions.

The Global Knowledge presentation on IT Pro’s in 2017 was interesting in terms on how traditional education service is trying to pivot their offering and to interest the market. Also it was news to me the Global Knowledge acquired ctc   Also I had real fun listening to Pierre Roman from Microsoft on Serverless, Microservices and Containers. The whole presentation was “We (Microsoft) are telling the developer community on how to build a new generation applications but we’ll not inform you that the approach comes from others such as Netflix and Amazon”. I decided to not get on fire by asking if the speaker considers Exchange, SQL, Sharepoint to be monolithic applications and if there are any plans to build new versions in form of microservices so Microsoft can demonstrate the power of the approach through their own applications.

Additionally I attended a couple of InfoSec meetings and talks that kept reminding us that unfortunately the factor of luck is a big component of success in any security program. However I learned few practical advices and going to publish those discoveries when I can.

Tuesday, November 7, 2017

URL List and coming. Back to blogging

After a few weeks of silence with an exception of a blog post at Packet Pushers on my return from FireEye conference . The reason for it is mostly there was no opportunity to sit down and get organized due multiple streams of work and life.

It always scares me that I’ll run out of topics to write but so far it didn’t happen. So I have few topics in the  pipeline but I need a bit more time to complete them.

The biggest market shaking announcement this week is VMwareintent to acquire SD-WAN vendor VeloCloud Networks  - I’m still trying to wrap my thoughts around this move – Packet Pushers discussed few very positive observations here
lso working on a security project on audit of AWS deployment - pretty new to me but exciting and energizing!

Below is the list of Interesting URL’s in last few weeks:

I’ll work on updates for my packet pusher community blog page and report here as soon as I have some published. 

Friday, September 29, 2017

Securing Windows 10, Mesos on GCP and NFS Storage VMotion

This week I was mostly working on securing Windows 10 built 1703 enterprise image. It’s unbelievable how hard the customers pushed to use the product the vendor way. It really comes to hardcore tweaking and almost hacking the OS.  Collection of few hardening URLs that I come across and might help others are here:
  •           Disable Edge Icon in IE –
  •           Disable EDGE start pages -
  •           Customizing Start Menu through XML file -
  •           PowerShell script to remove “Standard Applications” that have are very similar to Office 365 products (Mail, Calendar, Skype, Notes etc) -
  •           Very helpful set of Microsoft assets for hardening Windows 10 (v1703) -
  •           Previous version of the URL above with more details on differences between 1608 and 1703-

The second project that was touched by me (not planned) is Google Cloud Platform (GCP). It started with preparing my refresh of Mesos/Marathon Tutorial that I did run already in 2015 just before Openstack summit in Vancouver. The tutorial that time required Vagrant to run locally, vagrant was using Oracle VM Box. In 2015 I wanted to use VMware Workstation and bought Vagrant module for VMware workstation and spent some time tweaking it to get the tutorial running. This week when started reviewing preparation steps I discovered that now AWS, GCP and others can be used. I have a significant amount of free GCP credits – so I started setting up Mesos in GCP.  

I’m almost done with the setup and will blog about it when it’s all working. But the experience so far was BREATHTAKING – I can’t stop saying “this is so cool” to myself while deploying VMs in GCP, configuring automation through Ansible and deploying Mesosphere pieces.

Switching topics - I was approached a colleague of mine, virtualization architect and former customer with the question around VMware Storage VMotion traffic flow in NFS Environment. It was interesting research project and I’m writing about my blog post on Packet Pushers

Finally few awesome reads for this week:

Thursday, September 14, 2017

Office 365 - probing security and some useful links

Busy week, with not too many technology event.

Mostly spent digging into packet pushers community blog
Sourcefire systems and I'll share my findings as soon as I discover value in this technology. Also had fight hackers or phishers with Office 365 ATP - details on

Few good reads this week:

Also I attended Vancouver security meeting around DEFCON - now I feel really bad I decided to not attend this year and now it's definitely on my plan for 2018.

Hopefully I'll have more to share next week!

Friday, September 8, 2017

First week of September - random notes

Labor day long weekend completely messed up my calendar as an  addition to random personal obligations. It provided me with no way to focus on anything specific. However to keep my blog going I’ll try to summarize shortly what happened this week around me in terms of technologies.

Kubernetes meetup at Hootsuite headquarters was pretty good – listened to Kelsey Hightower  and watched live demo of project Envoy

Other talk was around persistent storage and containers given by Gordon Klok from PaxAutoma The topic is still highly controversial for me as it doesn’t make a lot of sense to have persistent data when your application is Elastic Cloud Native API driven container system.

It all inspired me to play with Kubernetes on my local Windows system. Project MiniKube  worked as a charm (after I moved to 0.21 version as 0.22 had some file permission issues). The best manual on running Minikube on Windows 10 or 7 is here

After playing with it for awhile I came up to realization that GCP is another equal issue for my experiments (since I still have over US$400 in credits).

Another completely separate thing I was working this week on is nawk – my customer’s security department dumping windows logs to linux machine and than querying them using Linux basic tools. My linux console drove me crazy as copy/paste were working weird. So I ended up copying logs back to windows machine and using Cygwin64 which has gawk instead of nawk but also allows me to pipe to linux native operators such as sort, uniq and grep!

My task was to provide count of all machines that had over 10 failed login attempts during August. Logs were enormous (as we are talking of 25K+ users) but the command returns results under 5 minutes mark – pretty impressive.

gawk -v pat="2017\t4625" '$0 ~ pat' userlog.2017-09-07 | gawk -F" " '{print $4, $17}' | sort | uniq -c | sort -nr 

And lastly few interesting articles to absorb:

Friday, September 1, 2017

Value of being NSX vExpert

This week was mostly spent at VMworld – re-connecting and catching up with old friends and meeting new people. 

My industry discoveries can be found on Packet Pushers 

I haven’t been to any VMworld session for several years – as VMware employee I was over loaded during most of my previous events - looking after my customers, organizing meeting between customers and VMware PMs, working at VMware booth etc. 

Also being departed from VMware recently I still feel that my exposure to the content has not expired yet and there is no immediate need to go to the sessions. I got Expo Only pass (that doesn’t allow to go to the sessions, Wednesday party and meals).

Trip highlights were vExpert meetingsNSX vExpert community afternoon on Tuesday was awesome – great coverage of NSX-T and AppDefense – thank you VMware NSBU! 

Also vEspert party allowed to get introduced to some long term vExperts! – more on vExpert Event here 

Additionally I felt really connected with folks at BigSwitch – they rented suite on 60th floor of Mandalay
Bay with an amazing view and invited vExpert to relax with them while consuming tasty drinks, enjoying the view and chatting. BigSwitch technology and culture felt really clicking with me a lot! (Petr version 2017).

In general it was very successful trip – I wish my meetings were scheduled more efficiently, so I would be to see more people. And lets try to keep in touch!

Friday, August 25, 2017

Going to VMworld!

Last minute decision – waited for stars to come together… But they never did… 

Anyway – going to VMworld for Sunday (August 27, 2017) - Tuesday (August 29, 2017) and look forward to re-connect to as many folks as possible – please reach out to me if you’re going to be there. 

Please ping me via LinkedIn or VMworld application if you'd like to meet!

On another note – my last post on fast route of learningGCP, Kubernetes and Docker just went live on Packet Pusher’s community blog!