BSA Best Practices Webinars Distributed Installations Sean Berry Customer Engineering

Similar documents
BSA Sizing Guide v. 1.0

Best Practices: BSA Compliance

Atrium Webinar- What's new in ADDM Version 10

vrealize Suite Lifecycle Manager 1.1 Installation, Upgrade, and Management vrealize Suite 2017

Securing the Data Center against

Why Firewalls? Firewall Characteristics

VMware Mirage Getting Started Guide

SnapCenter Software 4.0 Concepts Guide

vrealize Suite Lifecycle Manager 1.0 Installation and Management vrealize Suite 2017

Edge Device Manager R15 Release Notes

Securing Containers Using a PNSC and a Cisco VSG

Vendor: Citrix. Exam Code: 1Y Exam Name: Designing Citrix XenDesktop 7.6 Solutions. Version: Demo

Enterprise Information System Services Enterprise System Disaster Recovery Scheme. System Requirement Overview

Quick Note 52. Connecting to Digi Remote Manager Through Web Proxy. Digi Product Management February 2017

Session 7: Configuration Manager

Lenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide

VMware Mirage Getting Started Guide

Syncplicity Panorama with Isilon Storage. Technote

Consultant Scanner Personal Edition. User Guide

FOR INTERNAL USE ONLY STANDARD OPERATING PROCEDURE WINDOWS OFFLINE PATCHING (VPC 7.4.3)

Install and upgrade Qlik Sense. Qlik Sense 3.2 Copyright QlikTech International AB. All rights reserved.

Secure VFX in the Cloud. Microsoft Azure

DRaaS AllConnected Veeam Solutions Overview

Upgrading Your Skills to MCSA: Windows Server 2016

akkadian Provisioning Manager Express

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Securing Containers Using a PNSC and a Cisco VSG

HySecure Quick Start Guide. HySecure 5.0

Using Splunk and LOGbinder to Monitor SQL Server, SharePoint and Exchange Audit Events

Introducing VMware Validated Designs for Software-Defined Data Center

EXAM Recertification for MCSE: Desktop Infrastructure. Buy Full Product.

1Y Designing Citrix XenDesktop 7.6 Solutions

Introducing VMware Validated Designs for Software-Defined Data Center

CMB-207-1I Citrix Desktop Virtualization Fast Track

CONFIGURING IBM STORWIZE. for Metadata Framework 6.3

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

System requirements for Qlik Sense. Qlik Sense September 2018 Copyright QlikTech International AB. All rights reserved.

WebLogic Security Top Ten

FUJITSU Cloud Service K5 - API Management Service Description

MOC 20417B: Upgrading Your Skills to MCSA Windows Server 2012

Interoute Use Case. SQL 2016 Always On in Interoute VDC. Last updated 11 December 2017 ENGINEERED FOR THE AMBITIOUS

Connect the Appliance to a Cisco Cloud Web Security Proxy

Installation Prerequisites

Dell EMC Ready System for VDI on XC Series

Introducing VMware Validated Designs for Software-Defined Data Center

AD FS v3. Deployment Guide

Microsoft EXAM Securing Windows Server 2016 (beta) m/ Product: Demo. For More Information:

Vishal Shirodkar Technology Specialist Microsoft India Session Code:

Best Practices: Demonstrating Value with BSA

Cisco Prime Service Catalog Virtual Appliance Quick Start Guide 2

ForeScout Extended Module for IBM BigFix

FUJITSU Cloud Service K5 - API Management Service Description

Release Notes. NovaBACKUP Network Version July 2017

CernVM-FS beyond LHC computing

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Building a Successful SQL Server Lab. Ted Krueger Principal Consultant

ForeScout Extended Module for IBM BigFix

This guide details the deployment and initial configuration necessary to maximize the value of JetAdvantage Insights.

The Device Has Left the Building

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

Deploying VMware Mirage : Tips and Tricks for Success

Pentaho and Microsoft Azure

IPS Packaging for Oracle Solaris 11

microsoft. Number: Passing Score: 800 Time Limit: 120 min.

StorageCraft OneXafe and Veeam 9.5

IBM Tivoli Netcool Service Quality Manager V4.1.1

Distributed System. Gang Wu. Spring,2018

Disaster Recovery-to-the- Cloud Best Practices

COURSE OUTLINE IT TRAINING

TeamWorks Planning Your Deployment Best Practices. March 2019

What s New in Catalogic ECX 2.5

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Yahoo Traffic Server -a Powerful Cloud Gatekeeper

Azure Webinar. Resilient Solutions March Sander van den Hoven Principal Technical Evangelist Microsoft

Vendor: Microsoft. Exam Code: Exam Name: Implementing a Desktop Infrastructure. Version: Demo

<Insert Picture Here> Configuration Manager Installation Process

BMC Remedyforce Discovery and Client Management. Frequently asked questions

Merchandising Server 2.2

Remove complexity in protecting your virtual infrastructure with. IBM Spectrum Protect Plus. Data availability made easy. Overview

70-647: Windows Server Enterprise Administration. Course Overview. Course Outline

vsphere Update Manager Installation and Administration Guide 17 APR 2018 VMware vsphere 6.7 vsphere Update Manager 6.7

BMC BladeLogic for Cisco UCS. Tore Brynaa Business Solution Manager, BMC Software

Symantec Backup Exec Blueprints

Installation Prerequisites

Agile Platform 6.0 System Requirements

MDM Partner Summit 2015 Oracle Enterprise Data Quality Overview & Roadmap

Veeam and Azure Better together. Martin Beran Senior Systems Engineer; Czechia/Slovakia/Hungary

LENS Server Maintenance Guide JZ 2017/07/28

NGFW Security Management Center

Windows Server 2012 Hands- On Camp. Learn What s Hot and New in Windows Server 2012!

RELEASE NOTES SHORETEL MS DYNAMICS CRM CLIENT VERSION 8

BMC Configuration Management (Marimba) Best Practices and Troubleshooting. Andy Santosa Senior Technical Support Analyst

SRA Virtual Appliance Getting Started Guide

Configuration Guide. BlackBerry UEM Cloud

Sophos Web Appliance Configuration Guide. Product Version Sophos Limited 2017

Paperspace. Architecture Overview. 20 Jay St. Suite 312 Brooklyn, NY Technical Whitepaper

Zadara Enterprise Storage in

Data Protection Guide

System requirements for Qlik Sense. Qlik Sense June 2018 Copyright QlikTech International AB. All rights reserved.

Agenda. This Session: Azure Networking Basics, On-prem connectivity options DEMO Create VNET/Gateway Cost-estimation for VNET/Gateways

Transcription:

BSA Best Practices Webinars Distributed Installations Sean Berry Customer Engineering

Agenda Overview Use Cases Repeaters Repositories Proxies Copyright 5/11/2013 BMC Software, Inc 2

Overview

Use Cases Provisioning - Large payloads that don t change Software Deployment - Software installed many times File / Directory Deployment - Large files Content Deployment at scale - Web content or many many files Patch Remediation Copyright 5/11/2013 BMC Software, Inc 4

Distributed Data Center Challenges Network bandwidth/latency between data centers Firewalls to prevent/manage internet access Air gapped environments Overlapping IP networks, Service Provider managed networks - Multiple customers, same IP networks - Remote networks - Low bandwidth management networks Large (1.5GB+) software packages & patch clusters Copyright 5/11/2013 BMC Software, Inc 5

Where do I configure this? Copyright 5/11/2013 BMC Software, Inc 6

Repeaters

Repeater Overview Typical Use Case: - Multiple data centers, typical remote DC has >100 servers, often 1000 or more - Bandwidth between data centers is not always super fast - Software / Patch / Large file deployments Requires: - Indirect Staging checkbox - Repeater Routing Rules Copyright 5/11/2013 BMC Software, Inc 8

BMC Server Automation (BladeLogic) Repeaters for Remote Networks C O N S O L E M I D T I E R N O D E S Copyright 5/11/2013 BMC Software, Inc 9

Job Types Uses Repeaters: - File Deploy Job - BLPackage (BL)Deploy Job - Software Deploy Job - Compliance Remediation (but not Compliance Audit/Analysis) - Provisioning (deploy jobs) Doesn t use Repeaters: - Patching (can t use Advanced Repeaters) - Snapshot / Audit - Compliant (audit) - Provisioning (initial) Copyright 5/11/2013 BMC Software, Inc 10

Standard Repeaters Requirements: - NSH installed (install NSH/RSCD vs. just RSCD on UNIX) - 5 10GB disk space - Reasonable local network performance - Routing Rules Data flow - App > Repeater > Target Repeater related property commonly used Typical Routing Rules - By network - By data center Copyright 5/11/2013 BMC Software, Inc 11

Standard Repeater Data Flow Job > Staging phase If Indirect Staging is checked, and a Repeater Routing Rule is in effect, the Repeater will be used. App server copies file(s) from file server to Repeater s staging directory if needed. (once per Repeater) Files copy from Repeater staging area to the target server(s). Job > Commit phase completes same as for a direct staged deploy. Copyright 5/11/2013 BMC Software, Inc 12

Advanced Repeaters Based on Marimba technology Features: - Bandwidth Control - Partial transfers Requirements: - Access back to core infrastructure - Must be able to resolve DNS name of Advanced File Server - Adv. File Server standup Config Process: - Stand up AFS - Add AR - Create Routing Rule - Test! Includes Standard Repeater functionality Not usable for Patching as of 8.3 Copyright 5/11/2013 BMC Software, Inc 13

Proxies

Proxy Overview Typical Use Cases: - Any time direct network access isn t available - Getting through the fence / Transiting a gateway - Not for use in true air gapped environments Application proxies (SOCKS/HTTP/NSH) vs. transparent proxies Copyright 5/11/2013 BMC Software, Inc 15

HTTP Proxy HTTP - Patch Metadata & Payloads - SQUID, NTLM, NTLMv2 - May require explicit hostnames - Offline downloaders Copyright 5/11/2013 BMC Software, Inc 16

SOCKS Proxy Overlapping IP address networks SOCKS Demo https://communities.bmc.com/community/bmcdn/bmc_service_autom ation/server_configuration_automation_bladelogic/blog/2012/11/30/h ow to use socks proxies with bsa to deal with firewalls andoverlapping ip ranges Routing rules, proxy rules. Copyright 5/11/2013 BMC Software, Inc 17

BMC Server Automation (BladeLogic) SOCKS Proxy for Restricted Networks C O N S O L E M I D T I E R N O D E S Copyright 5/11/2013 BMC Software, Inc 18

NSH Proxy NSH - Security tool used to audit & manage direct access to servers - Exports syntax (including subnet) Logging Access Control Appservers > NSH Proxy Bastion Hosts Copyright 5/11/2013 BMC Software, Inc 19

Repositories

Remote File Repositories Typical files: - SQL Server 2008 installer: 2GB, only ~400MB used during install - Large install packages - OS with small staging directories, cf. AIX Access Methods: - SMB - NFS - URL formations Caveats: - DMZ - Potentially more than one package to manage Copyright 5/11/2013 BMC Software, Inc 21

Patch Repositories Provide potentially significantly faster / lower overhead access to payloads Configure in Catalog Update Job Local (Primary) Patch Repository Remote Patch Repository - May use an existing share - NFS or SMB - Local network path to payloads (vs. via central data center) - May be unsuitable for DMZs or security sensitive environments Copyright 5/11/2013 BMC Software, Inc 22

Offline Downloaders Acquire Patch Content external to the appserver environment Metadata & Payloads Internet access elsewhere Air gapped Copyright 5/11/2013 BMC Software, Inc 23

Best Practices Webinars Home Best Practices Webinars https://communities.bmc.com/communities/docs/doc 21692 Date Subject Area 30 October 2012 BSA Deployment Architecture 4 December 2012 Best Practices for BSA Maintenance and Cleanup 8 January 2013 Demonstrating Value with BladeLogic 5 February 2013 Best Practices for Patching 5 March 2013 Best Practices for Compliance and Change Tracking 7 May 2013 Provider BSA for Distributed Installations: Wide Area & Service Deployment: Repeaters, Proxies and Repositories 11 June 2013 BSA RBAC & Access Control: RBAC Best Practices & Use Cases 9 July 2013 BSA Reporting: Use Cases, Scalability & Common Custom Reports 6 Aug 2013 BSA Provisioning: Setup, Use Cases & BP 10 Sep 2013 BSA Software Packaging: Custom Software, OS Platform Packages Copyright 5/11/2013 BMC Software, Inc 24

Learn more at www.bmc.com Copyright 5/11/2013 BMC Software, Inc 25

Copyright 5/11/2013 BMC Software, Inc 26

Index Repeaters - Standard Reduces duplicate copies over WAN links Copy once to repeater, copy many times over (faster) local link - Advanced Bandwidth Control Repositories - Patch Repos Some platform dependency (Case sensitivity) Patch Helpers - Remote File/Software Mount at Install Time SMB or NFS mount (show sample URLs) Potentially much faster local install No staging required, execute immediately Not usually practical for DMZs Proxies - HTTP Patch Metadata & Payloads SQUID, NTLM, NTLMv2 May require explicit hostnames Offline downloaders - SOCKS https://communities.bmc.com/community/bmcdn/bmc_service_automation/server_configuration_au tomation_bladelogic/blog/2012/11/30/how to use socks proxies with bsa to deal with firewalls andoverlapping ip ranges - NSH Security tool used to audit & manage direct access to servers Exports syntax (including subnet) Copyright 5/11/2013 BMC Software, Inc 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback