Monday, January 29, 2018

Petr's new beginning

Mostly evidence that I'm writing it on my way from Europe

It’s been awhile since my last post, and I owe explanation where I spent my last 2.5 months. Now on my flight back from Europe I finally have time to put an update together. I hope for a short update, however can’t guarantee it.

2017 was an awesome year for me, I had an opportunity to stop my career from stalling and eventually following of the cliff to the miserable state when you go to work for one single reason, called “paycheck”. My family and myself are so lucky that currently we can afford such pause in career and find something that interests me.

The goal was to take few months easy, work 20-30 hours a week, blog, spend time with my beautiful baby and wife. It was surprising to find such a high demand in the IT security market in Vancouver. So needless to say – it was difficult to balance between lucrative contract opportunities, family and continuous learning.

When I was asked if I want to start a permanent job – it was close to impossible to explain to recruiters, HR people etc, that I would go for another full time permanent job if it’s the right company – meaning awesome and modern product, culture of doers (not a paycheck collectors), and ability to be an influencer of the product direction.

My job dating game was going for a long time, but it wasn’t a right fit, right opportunity, right location (or working remotely possibility) or right skillset. And again, because I didn’t have an urge to land a new job, I took it at as a quest for perfection. Interview questions (or mostly at this level – great conversations with my peers and industry influencers) allowed me to rethink what I want to do and formulate my ideal job.

And my patience was rewarded when first through innocent tweet around “BADaaS” t-shirt I found
an exciting company AVI Networks and their ADC (Application Delivery Controller – next generation of Load balancers). Everything about the product excites me – SDN architecture, support of multiple Public Clouds, Native Container form factor and support of container orchestration engines, integrations with VMware NSX and Openstack. Also company culture and very interesting set of customers confirm that it’s a dream place for me to be.

My role with AVI Networks becoming one of the first TAMs – where I can bring my past TAM experience and contribute in building the strongest TAM program in the industry. People I met at AVI Networks are all superstars and together we’re able to make AVI Customers the happiest customers in the industry.

I started on December 4th and drinking out of firehose. Due my previous plans and obligation we’re away for family vacation for two weeks, then it was Christmas and now I spent another 10 days in Europe dealing with a long unfinished business in Russia. (I can't call it a vacation)

Now I’m done with my travels and look forward to focus on AVI Customers, Product and TAM Program.  Please excuse me but my blogging in the next little while will be all around AVI Vantage platform, integrations and use cases. If you want to join AVI – here is an URL and email me directly if you’re interested.

Saturday, November 11, 2017

Early November 2017 - Events and Technologies review

It seems that this week I had more events that one can possibly attend, and it should be few weeks to process. Someone mentioned to me recently that the technology is moving so fast and no one cares if you were Exchange 2003 guru 14 years ago, your skills need to be current in technology and it means continuous training all the time. So pour us technology guys who have to learn how to socialize.

It’s official – my application has been approved and I’m Vancouver VMUG Leader among with two other exceptional individuals – hope to get more interesting topics and speakers to be brought to VancouverVMUG next year. I already got a lot of support from Western Canada VMware team and community! Thank you Everyone!

We’ve considered doing another small event this year however the holiday season is approaching rapidly – it will make sense to do the next event in 2018. In my packet pushers blog post – I’ll cover Datrium and Rubrik technologies that were presented at Vancouver VMUG meeting this week.

TechVancouver had a couple of very inspirational talks one from Jeremy Baker (Retail Zipline) on mentorship. For me the most interesting part of Jeremy’s experience is view on Silicon Valley from a Canadian who’s born and raised in BC – very eye-opening remarks around culture, approaches, past and future of the tech. Also, Francis Dupuis, President & CEO of PayByPhone almost  sconfession presentation reminded me that most of technologists forget about everything else when the technology is cool – it’s definitely an alarm that I wish was embedded in my head. The rest of the talks also was very interesting and touched the points that don’t cross my mind daily.

Another thing this week is iTech conference Vancouver – unfortunately due my other obligations I couldn’t listen to too many sessions.

The Global Knowledge presentation on IT Pro’s in 2017 was interesting in terms on how traditional education service is trying to pivot their offering and to interest the market. Also it was news to me the Global Knowledge acquired ctc   Also I had real fun listening to Pierre Roman from Microsoft on Serverless, Microservices and Containers. The whole presentation was “We (Microsoft) are telling the developer community on how to build a new generation applications but we’ll not inform you that the approach comes from others such as Netflix and Amazon”. I decided to not get on fire by asking if the speaker considers Exchange, SQL, Sharepoint to be monolithic applications and if there are any plans to build new versions in form of microservices so Microsoft can demonstrate the power of the approach through their own applications.

Additionally I attended a couple of InfoSec meetings and talks that kept reminding us that unfortunately the factor of luck is a big component of success in any security program. However I learned few practical advices and going to publish those discoveries when I can.

Tuesday, November 7, 2017

URL List and coming. Back to blogging

After a few weeks of silence with an exception of a blog post at Packet Pushers on my return from FireEye conference . The reason for it is mostly there was no opportunity to sit down and get organized due multiple streams of work and life.

It always scares me that I’ll run out of topics to write but so far it didn’t happen. So I have few topics in the  pipeline but I need a bit more time to complete them.

The biggest market shaking announcement this week is VMwareintent to acquire SD-WAN vendor VeloCloud Networks  - I’m still trying to wrap my thoughts around this move – Packet Pushers discussed few very positive observations here
lso working on a security project on audit of AWS deployment - pretty new to me but exciting and energizing!

Below is the list of Interesting URL’s in last few weeks:

I’ll work on updates for my packet pusher community blog page and report here as soon as I have some published. 

Friday, September 29, 2017

Securing Windows 10, Mesos on GCP and NFS Storage VMotion

This week I was mostly working on securing Windows 10 built 1703 enterprise image. It’s unbelievable how hard the customers pushed to use the product the vendor way. It really comes to hardcore tweaking and almost hacking the OS.  Collection of few hardening URLs that I come across and might help others are here:
  •           Disable Edge Icon in IE –
  •           Disable EDGE start pages -
  •           Customizing Start Menu through XML file -
  •           PowerShell script to remove “Standard Applications” that have are very similar to Office 365 products (Mail, Calendar, Skype, Notes etc) -
  •           Very helpful set of Microsoft assets for hardening Windows 10 (v1703) -
  •           Previous version of the URL above with more details on differences between 1608 and 1703-

The second project that was touched by me (not planned) is Google Cloud Platform (GCP). It started with preparing my refresh of Mesos/Marathon Tutorial that I did run already in 2015 just before Openstack summit in Vancouver. The tutorial that time required Vagrant to run locally, vagrant was using Oracle VM Box. In 2015 I wanted to use VMware Workstation and bought Vagrant module for VMware workstation and spent some time tweaking it to get the tutorial running. This week when started reviewing preparation steps I discovered that now AWS, GCP and others can be used. I have a significant amount of free GCP credits – so I started setting up Mesos in GCP.  

I’m almost done with the setup and will blog about it when it’s all working. But the experience so far was BREATHTAKING – I can’t stop saying “this is so cool” to myself while deploying VMs in GCP, configuring automation through Ansible and deploying Mesosphere pieces.

Switching topics - I was approached a colleague of mine, virtualization architect and former customer with the question around VMware Storage VMotion traffic flow in NFS Environment. It was interesting research project and I’m writing about my blog post on Packet Pushers

Finally few awesome reads for this week:

Thursday, September 14, 2017

Office 365 - probing security and some useful links

Busy week, with not too many technology event.

Mostly spent digging into packet pushers community blog
Sourcefire systems and I'll share my findings as soon as I discover value in this technology. Also had fight hackers or phishers with Office 365 ATP - details on

Few good reads this week:

Also I attended Vancouver security meeting around DEFCON - now I feel really bad I decided to not attend this year and now it's definitely on my plan for 2018.

Hopefully I'll have more to share next week!

Friday, September 8, 2017

First week of September - random notes

Labor day long weekend completely messed up my calendar as an  addition to random personal obligations. It provided me with no way to focus on anything specific. However to keep my blog going I’ll try to summarize shortly what happened this week around me in terms of technologies.

Kubernetes meetup at Hootsuite headquarters was pretty good – listened to Kelsey Hightower  and watched live demo of project Envoy

Other talk was around persistent storage and containers given by Gordon Klok from PaxAutoma The topic is still highly controversial for me as it doesn’t make a lot of sense to have persistent data when your application is Elastic Cloud Native API driven container system.

It all inspired me to play with Kubernetes on my local Windows system. Project MiniKube  worked as a charm (after I moved to 0.21 version as 0.22 had some file permission issues). The best manual on running Minikube on Windows 10 or 7 is here

After playing with it for awhile I came up to realization that GCP is another equal issue for my experiments (since I still have over US$400 in credits).

Another completely separate thing I was working this week on is nawk – my customer’s security department dumping windows logs to linux machine and than querying them using Linux basic tools. My linux console drove me crazy as copy/paste were working weird. So I ended up copying logs back to windows machine and using Cygwin64 which has gawk instead of nawk but also allows me to pipe to linux native operators such as sort, uniq and grep!

My task was to provide count of all machines that had over 10 failed login attempts during August. Logs were enormous (as we are talking of 25K+ users) but the command returns results under 5 minutes mark – pretty impressive.

gawk -v pat="2017\t4625" '$0 ~ pat' userlog.2017-09-07 | gawk -F" " '{print $4, $17}' | sort | uniq -c | sort -nr 

And lastly few interesting articles to absorb:

Friday, September 1, 2017

Value of being NSX vExpert

This week was mostly spent at VMworld – re-connecting and catching up with old friends and meeting new people. 

My industry discoveries can be found on Packet Pushers 

I haven’t been to any VMworld session for several years – as VMware employee I was over loaded during most of my previous events - looking after my customers, organizing meeting between customers and VMware PMs, working at VMware booth etc. 

Also being departed from VMware recently I still feel that my exposure to the content has not expired yet and there is no immediate need to go to the sessions. I got Expo Only pass (that doesn’t allow to go to the sessions, Wednesday party and meals).

Trip highlights were vExpert meetingsNSX vExpert community afternoon on Tuesday was awesome – great coverage of NSX-T and AppDefense – thank you VMware NSBU! 

Also vEspert party allowed to get introduced to some long term vExperts! – more on vExpert Event here 

Additionally I felt really connected with folks at BigSwitch – they rented suite on 60th floor of Mandalay
Bay with an amazing view and invited vExpert to relax with them while consuming tasty drinks, enjoying the view and chatting. BigSwitch technology and culture felt really clicking with me a lot! (Petr version 2017).

In general it was very successful trip – I wish my meetings were scheduled more efficiently, so I would be to see more people. And lets try to keep in touch!