cim1718-configuration management for your cloud using vcenter operations suite_final_us.pdf
TRANSCRIPT
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
1/41
Configuration
Management for YourCloud using vCenterOperations Suite
Shiv Agarwal, VMware, Inc.
Becky Smith, VMware, Inc.
OPS-CIM1718
#vmworldops
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
2/41
2
Disclaimer
This session may contain product features that are
currently under development.
This session/overview of the new technology represents
no commitment from VMware to deliver these features in
any generally available product.
Features are subject to change, and must not be included in
contracts, purchase orders, or sales agreements of any kind.
Technical feasibi lity and market demand will affect final delivery.
Pricing and packaging for any new technologies or features
discussed or presented have not been determined.
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
3/41
3
Agenda
Introduction to vCenter Operations Suite
Operations Management Configuration andCompliance challenges in the Cloud
Addressing these challenges with vCenter
Configuration Manager (vCM): Integrated Virtual and Cloud Infrastructure
Comprehensive Operating Systems
Automated Operations
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
4/41
4
VMware Cloud Management A Differentiated Approach
Service
Provisioning
Automate the
provisioning of
infrastructure,
applications anddesktops as a service
Operations
Management
Adopt embedded,
converged
management for the
Software DefinedDatacenter
Business
Management
Govern and manage
cloud services as a
critical element of
running IT like abusiness
Simple, automatedmanagement for
heterogeneous and
hybrid clouds
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
5/41
5
AUTOMATED Management
vCenter Operations Management Suite Value Proposit ion
COMPREHENSIVE Management
INTEGRATED ManagementPhysical
Private
Cloud
Public
VMware
vCloud
Public
Cloud
vSphere and Non-
vSphere based clouds
Tightly integrated to manage the Software Defined Data Center
Comprehensive to manage heterogeneous and hybrid cloud environments
Highly automated to reduce Opex and Capex
Virtual Infrastructure
Virtual Datacenter
Software Defined
Networking &
Security
Software Defined
Storage &
Availability
Cloud Infrastructure
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
6/41
6
An Extensible, Automated Operations Management Solution that
Supports Hybrid, Heterogeneous Clouds
vCenter Operations Management Suite
Unified Operations Console
(with Single Sign On)
Performance
Common Services
Capacity
App visibility Reporting LogsInventory Orchestration
Extensibility:
APIs, SDKs
3rd Party
Adapters
Content
Packs
Cost Config Compliance
vCenter Operations Management Suite
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
7/41
7
Customer Configuration and Compliance Concerns
We have fully embraced
virtualization but ensuringcompliance with PCI,HIPAA, and a raft of securitybest practices consumesmassive amounts of myteams time.
We lack visibility into our
virtual environment and theincreased velocity ofchange has made ourchange managementprocess extremelychallenging.
Ensuring that all our
systems - includingrunning VMs, offline VMsand VM Templates - are allproperly patched is sourceof ongoing concern for mystaff.
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
8/41
8
vCenter Configuration Manager (vCM)
Compliance andRemediation to
Lower Risk
Manage and Control
Virtualization
Change Management
to Mitigate Outages
Harden Environmentto Reduce Threats
and Breaches
Provisioning &Patching inline with
Compliance to
EliminateVulnerabilities
Operational Efficiency & Tool Consolidation
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
9/41
9
VCM supports Private, Public and Hybrid Cloud Models
vSphere
DMZ
HIPAA
Private Cloud Public Cloud
vSphere
Consumer
vSphere change managementand compliance assurance for
both Consumer and Provider
Ability to leverage the cloud for
compliant sensitive work loads
Ability to manage guests across
Clouds
Guest compliance
Patching
Change management
Benefit
Provider
Compliance visibility
across owned
infrastructure and all
guests
Compliance visibility across
owned infrastructure
VMware
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
10/41
10
Integrated Virtual and Cloud
Infrastructure Configuration and
Compliance Management
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
11/41
11
Configuration Management Across Virtual Infrastructure
Configurations for the entire
virtual infrastructure
Across Multiple vCenters & VMwarevCloud Directors
1,000s of Sett ings and
Configurations collected for:
vCenter
vSphere Hosts
vSphere Guests
Virtual Network Settings
Virtual Storage Settings
Host Profiles
vCloud Director
vShield (vShield App securitygroups and members)
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
12/41
12
Configuration Management Simplif ied Visualization
vSphere Host Summary Dashboard
Provides overall vSphere Hosts Configuration Summary
State of the
HostsMakeup of the
Environment
Host
Compliance
Posture
Drillin for
Details
VI Admin: What is the status of my HOSTS in my environment? Is it what I expect?
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
13/41
13
Configuration Management Simplif ied Visualization
vSphere Guest Summary Dashboard
Provides overall VM Configuration/Status Summary across vCenters
Accurate OS
Counts
Guest
Metrics
VM Tool Status
VM
Compliance
Posture
Drill
in for
Details
VI Admin: How do I see visibility of at a glance guest configurations to find variants?
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
14/41
14
Virtual Environment Change Mgmt Dashboard
Virtual Environment Change Mgmt Dashboard
Unprecedented change management visibility across the VI vSphere, vCenter, vCD & vShield configurations
Filter by date ranges, object, parameter type
Magnitude of ChangesChanges by
Product and Type
Drill
in for
Details
VI & vCD Admins : Change is a real problem in my environment? How can I better understand it?
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
15/41
15
Configuration Remediations
Bulk actions across
multip le vCenters & ESX(i)servers at once
Change vCenter Settings
(e.g. snmp, vim password
expiration)
Change Host Sett ings (e.g.
syslog, adv settings)
Power On & Off VM
VM Snapshot Management
Take Snapshot
Revert to Snapshot
Delete Snapshot
VI Admins: How do fix VI problems when I see them?
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
16/41
16
Create Internal IT Best Practice Standards
vCM Compliance Management
Build compliance rules that meet your internal standards Across multiple vCenters and vCDs
VI & vCD Admins: How can I be made aware of unwanted change? Drive MY Best Practices
Create simple rules Rule Groups
Span your IT
Best Practices
Severity
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
17/41
18
Lets Walk Thru Specific Example
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
18/41
19
View Changes Across the Virtual Environment
Quickly understand what has changed
Date, Machine, Data Type
Uncover unwarranted virtual environment changes
SyslogDir, SyslogDirUnique, SyslogHost
Incorrect
Syslog
settings
Hover to see
specific ESX
property
Chose virtual
object:
vSphere Host
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
19/41
20
Remediate Misconfigurations Across the Virtual Environment
Change incorrect ESX settings from within vCM
Run on multiple hosts across multiple vCenters at once
Change ESX
Hosts Settings
Change across
multiple hosts
and vCenters
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
20/41
21
Verify and Track Changes
vCM verifies changes were successful
Confirm or t rack changes by
User, Date, Machine, Data Type
vCM init iated changes include User information
Users
Tracked
Times
Tracked
Select
Date
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
21/41
22
Automated and Ongoing Virtualization Compliance
Create IT Compliance to drive your IT Internal Standards
Create new
ComplianceRule
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
22/41
23
Automated and Ongoing Virtualization Compliance
Create IT Compliance to drive your IT Internal Standards
Create new
ComplianceRule
Chose Data
Type
1,000s of Data
Points
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
23/41
24
Automated and Ongoing Virtualization Compliance
Create IT Compliance to drive your IT Internal Standards
Create new
ComplianceRule
Chose Data
Type
1,000s of Data
Points
Build
Compliance
Rule
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
24/41
25
Virtual Environment Compliance Posture
Virtual Compliance Dashboard
Assess compliance status across vSphere & vCD environments vCenters, Clusters, Hosts, Datastores, VMs, vCD Orgs, vDCs & vApps
LatestCompliance
Results
VI & vCD Admins + Security Teams: Is my Virtual Infrastructure compliant?
View Results
in VI context Data Centers
Clusters vCD Orgs
vShield
Security
Groups
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
25/41
26
Out of the Box Standards Compliance
Center for Policy and Compliance
Out of the Box Templates
Use as is
Leverage to start yourInternal Standards
Use in Conjunction with yourInternal Standards
VI & vCD Admins + Security Teams: How can quickly I meet industry standards and guidelines?
CompliantVI
vSphereHardening
Guides vCM BestPractices
DISA ESX
PCI DSS 2.0for
vSphere/ESX
ISO 27002 -vSphere
Basel III -vSphere
CIS for ESX
FISMA ESX
GLBA ESX
HIPAA ESX
SOX ESX
ViewHardeningGuidelines
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
26/41
27
Comprehensive Operating System
Configuration and Compliance
Management
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
27/41
28
Configuration Management Across Operating Systems
Configurations for the OS
Across Virtual and Physical Servers
and Desktops
10,000s of Settings and
Configurations collected for:
Thisimagecannotcurrentlybedisplayed.
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
28/41
29
CaptureChanges
AssessReport
Remediate
Continuous Compliance of OS (Virtual and Physical)
Build & deploy compliant VMs from catalog
Assign more pol icies as needed
Specific for the role of the VM/app in theconsumers business
PCI, SOX, HIPAA, ISO, etc.
Continuous automated compliance
Regulatory: SOX, HIPAA, GLBA, FISMA,DISA, ISO
Industry: PCI DSS, NERC/FERC
Vendor hardening guides
Ongoing patch management guards against
known attacks Assess (Win, UNIX, Linux, MAC)
Deploy
Dashboards provide At-a-Glance posture
Catalog
Deploy
HIPAA
HIPAA
Add
Policy
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
29/41
30
Compliance Analysis and Remediation with vCM
View available
compliance
templates
Report on
overall
compliance
posture
Triage vital
issues toaddress for
critical
systems
Select PCI
compliance
analysis
results
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
30/41
31
Compliance Analysis and Remediation with vCM
View available
compliance
templates
Report on
overall
compliance
posture
Triage vital
issues toaddress for
critical
systems
Select PCI
compliance
analysis
results
Pinpoint what
systems failed
what checks
Fixcompliance
violations
M OS P hi A h E i
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
31/41
32
Manage OS Patching Across the Enterprise
Monitor and plan
patching from a
single location
M OS P t hi A th E t i
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
32/41
33
Manage OS Patching Across the Enterprise
Monitor and plan
patching from a
single location
Report on patch-level
status across the
enterprise (Unix, Linux,
Windows)
Select systems
and patches to
deploy
Centrally control
patching process
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
33/41
34
Automated Operations
P f T bl h ti i th C l t d Ch E t
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
34/41
35
Performance Troubleshooting with Correlated Change Events
Overview
Integration of vCenter
Configuration Manager andvCenter Operations
Manager
Correlate in-guest changeevents with performance
and health
Launch vCM in context toremediate configuration
changes
Benefits
Enable Operations toquickly understand and
remediate performance
issues arising from
configuration changes
Correlate
changes with
health scoresDrill down and
remediate in
VCM
C t O h t t W kfl t A t t C l O ti
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
35/41
37
vCenter Orchestrator Workflows to Automate Complex Operations
Manage vCenter VM Templates, Online and Offl ine VMs
vCM
vCO REST Plugin
and Workflows
APIs
Snapshot and Patch Check Compliance Provision new OS
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
36/41
38
Summary
A Variet of Personas can Benefit from VCM
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
37/41
39
A Variety of Personas can Benefit from VCM
For Infrastructure Admins
Templatize configuration settings for vSphere Hosts and vCenters. Replicate
settings from POC to Production. Consolidate configuration and execute large scale change operations across
multiple vCenters and Hosts
For Sys Admins
Patch and Standardize VMs or Physical Machines
Detect changes and drift from standard configuration
For Security Admins Define Hardening and Regulatory Compliance (HIPAA, PCI, etc) for VMs,
vSphere and Physical Machines
Report on compliance status and recommend remediation for non-compliance
vCenter Operations Management Suite
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
38/41
40
An Extensible, Automated Operations Management Solution that
Supports Hybrid, Heterogeneous Clouds
vCenter Operations Management Suite
Unified Operations Console(with Single Sign On)
Performance
Common Services
Capacity
App visibility Reporting LogsInventory Orchestration
Extensibility:
APIs, SDKs
3rd Party
Adapters
Content
Packs
Cost Config Compliance
vCenter Operations Management Suite
Be Sure To See
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
39/41
41
Be Sure To See
Other vCenter Operations Management Suite Sessions
Sesssion ID Title 1st Showing 2nd Showing
SS1020
Simplify and Automate How to Manage Services Across Multiple
Platforms and Clouds Monday 2:30pm
OPS-CIM2285
How to Improve Service Levels and Reduce Cost with vCenter
Operations Wednesday 2:00pm Thursday 12:30pm
OPS-CIM1564 Troubleshooting Using vCenter Operations Manager Tuesday 10:30am Wednesday 2:00pm
OPS-CIM1718
Configuration Management for Your Cloud using vCenter
Operations Suite Tuesday 3:00pm Thursday 2:00pm
OPS-CIM1926
5 Must Know Design Considerations for Planning Capacity When
You are 50% or More Virtualized Tuesday 3:00pm Thursday 2:00pm
OPS-CIM1940
Real World Stories of Operational Performance Troubleshooting ,Capacity and Configuration Management with vCenter Operations
Suite Wednesday 11:00am
HOL # Lab
HOL-OPS-01 Introduction to vC Ops Enterprise
HOL-OPS-02 Introduction to vCM Enterprise
HOL-OPS-05 Automated Operations for Virtualized
Datacenters
Demo Products ShowcasedHybrid Cloud Operations
Management
VMware vCenter Operations
Management Suite
VMware vFabric Hyperic
VMware vCenter Orchestrator
Cloud Security and
Compliance
VMware vCenter Configuration
Manager
Demos Hands On Lab
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
40/41
FILL OUT
A SURVEY
EVERY COMPLETE SURVEY
IS ENTERED INTO
DRAWING FOR A
$25 VMWARE COMPANY
STORE GIFT CERTIFICATE
-
7/27/2019 CIM1718-Configuration Management for Your Cloud using vCenter Operations Suite_Final_US.pdf
41/41
Configuration
Management for YourCloud using vCenterOperations Suite
Shiv Agarwal, VMware, Inc.
Becky Smith, VMware, Inc.
OPS-CIM1718
ld