Category Archives: Infrastructure

Why VMware?

This is the fourth installment of a series by Systems Team Lead Matt Peabody to begin to answer a question he hears all the time: “Why vendor X?”

“Why VMware?” is a question I hear from quite a few customers when starting with virtualization or looking at their current virtual infrastructure.  There are many competing hypervisors out there with Microsoft’s Hyper-V being a close second.  We believe VMware is the leader still building on the success of their ESX hypervisor over a decade ago.

1. Stability
The core ESXi product is as solid as embedded appliance operating systems like switches or routers.  VMware is a purpose-built appliance we load VMs onto, rather than an add-on to a current operating system.  Like all software companies, VMware has had some bugs, but their quick turnaround time and openness with these bugs helps a great deal.  They list known issues and fixes right on their site so they are easy to find and correlate with any issues that may be happening.

2. Management
With vCenter at the root for managing a VMware environment, there is a true single pane of glass for the entire infrastructure.  The VSphere Web Client combines management, monitoring, provisioning, compliance remediation, backup, DR, and many more things into a coherent and expansive interface. There are plugins for storage vendors, virtualized networking (NSX) and storage (VSAN).  VMware ESXi has some of the easiest clustering support to get an HA environment up and running in minutes with two clicks.

3. Security
VMware is a very security-minded company.  VMware has offerings in OS compliance with vRealize Operations Management, mobile device management with Airwatch, and even endpoint management with their Horizon Suite of products.  This allows them to manage and control your entire infrastructure from one platform.  Since VMware uses purpose-built, hardened appliances and applications, they have fewer patches and vulnerabilities, and they can keep their update cycle very rapid.

4. Vision
VMware is constantly leading with emerging technologies.  From their purchase of Nircira to form their NSX virtual networking platform to their creation of VSAN, their integrated hyper-converged platform, they are always ahead of the market in their vision for the future.  They quickly integrate new products into the fold of the company and still let those technologies shine and innovate.  VMware seems to be a few years ahead of the other members in their market, and it shows in their leadership.

VMware continues to excel and grow as a company as they expand their influence into areas other than compute virtualization.  They keep a tight integration with their products to stay ahead of competition and innovate in the evolving world of technology.

RIP 2003

As of July 14, 2015, Microsoft Windows Server 2003 support has come to an end. I’ll begin by saying Server 2003 was the server operating system I started working on when I joined the IT community around 2007.  My first experiences were installing new 2003 servers for my employer and learning how Microsoft behaved in the server operating system space.

We were still installing server 2003 onto hardware, recovering failed installs, and installing into virtual platforms well into the 2008 lifecycle.  Since I then worked for a training facility, there were many classes still based on the 2003.  During this transition, I helped customers and students get used to the new user interface while trying to convince them that PowerShell, the revamped interface, and Server Manager were actually more efficient.

Now, with the last Server 2003 installs nearly gone (I know there are some stragglers out there and we can help with that transition), it is the end of an era for a very solid piece of software.  I know I’ll enjoy the new features Server 2016 brings us in the near future.  I’ll also be glad when I don’t have to show people on my team how to use DCPromo from the install disc or where Microsoft hid the install binaries in the i386 folder.

Matt Peabody, Systems Engineer & Team Lead

HPN Guides School Districts Through E-Rate Process

For years, school districts and libraries have been augmenting their telecommunication budgets with funds provided by the Universal Service Fund through the E-Rate program.  In 2014, the program was modernized to include internal connections under Priority 2.  This modernization funds school districts’ and libraries’ efforts to modernize their wired and wireless connections in proportion to their free and reduced lunch (FRL) student population.

The new funding formula provides $150 per student over five years multiplied by the organization’s FRL ratio. For example, if a district’s FRL ratio is 8 out of 10 students – or 80% – and the district has 10,000 students, it is eligible for up to $120,000 over 5 years (10,000 X $150.00 X .80). The district will need to contribute $30,000 to receive the $120,000 in this example.  These funds are available one time during the five year period, either all at once or distributed over the course of five years. Most districts are applying for their portion in the first year due to uncertainties about the programs funding over the 5 years.

A district needs to begin the process by filing a Form 470 stating their intent to procure Priority 2 funds for an internal project. This form allows vendors to bid for that project. Because districts are only required to abide by their purchasing policies, this is not necessarily an RFP process. As school districts choose a preferred vendor, they submit a Form 471 by the E-Rate deadline, April 16, 2015.  Once the Universal Service Administrative Company returns an intent to fund letter, the work can be scheduled.

Most districts choose a consultant to help them navigate these new and complex waters. This program provides opportunity for districts that have traditionally not been able to upgrade their technology due to financial or staffing constraints.  It also presents a challenge in deciding on the new technology to be used and how to implement it.  This is where a Value Added Reseller (VAR) like High Point Networks comes in.  HPN has been helping school districts improve their infrastructures for over ten years.

We have both the experience and engineering staff to successfully design, implement and support a variety of internal installations. The new E-Rate rules allow for a dizzying array of options to help students make the best use of the technology. Our staff brings their many years of school district experience to bear in designing a solution tailored to each individual district’s needs. We then implement that solution, train staff in its day to day operation, and also back it up with our own support staff. Whether it involves wireless or wired networks, unified communications, server storage or security, High Point Networks is looking forward to partnering with more school districts to enable the success of students and staff in our communities.

HP to Acquire Aruba Networks; HPN ‘business as usual’

“HP to Acquire Aruba Networks to Create an Industry Leader in Enterprise Mobility” – this was the headline Monday. Seems like an interesting and bold move by a company who doesn’t exactly have the greatest track record with acquisitions (Tipping Point, 3Com, and Opsware to name a few). To be honest, when the rumblings of this event first hit my desk a week ago, I may or may not have let a few select words slip!

Upon taking a step back, we all have to realize that mergers and acquisitions are part of the world we live in, and the technology space is not immune. We like to refer to it as shaking things up a bit. The publicly available information related to the HP/Aruba deal sounds really good – the founder and all the upper management of Aruba plan to stay on long term, and ultimately intend to lead the combined wired and wireless business of HP. If these plans become the reality, the result could be good for everyone. At this time, High Point Networks has no plans to change direction, and is continuing to certify our staff on various components of the Aruba product line (Clearpass, Mobility Controllers, pre-sales design, post-sales support, etc). In fact, we will very soon have completed everything necessary to achieve the highest level in the Aruba Networks Partner Program.

Aruba Networks is hosting their “Atmosphere” Partner Community event this week in Las Vegas, where I’m sure we’ll hear all about the new plans as they stand today. We will keep you posted on what we hear! In the meantime, it’s business as usual.

Tom McDougall, President & CEO, with Justin Fetsch, Vice President of Sales

Read the full announcement here.

Simple, Comprehensive Network Access Control with Aruba ClearPass and Juniper Networks

Aruba ClearPass is a best-of-breed network access control platform built around open standards, with multi-vendor interoperability a primary design element. And, when paired with a Juniper Networks access layer? The power and flexibility is industry-leading. Juniper EX-series switches have several advantages over other vendors, such as device configuration simplicity, full user accounting, real-time threat detection, intercept and redirection, and a strong, growing partnership between Aruba and Juniper Networks.

Different equipment has different strengths for specific applications. In this scenario, we imagine a customer who requires very firm control of their access network. They need the following:

  •  Access to specific network resources controlled by role and user or device identity
  • Remediation networks so that workstations may be repaired before joining the corporate network
  • Full visibility into user- and machine-based authentication and login activities anywhere on the network
  • Simple, repeatable configuration across many access network devices, such as switches
  • Real-time detection and remediation of threats

The last two items are where Juniper EX-series switches shine. They make use of industry-standard authentication tools such as 802.1x and RADIUS Change of Authorization, giving them the ability to change port configuration in real time, programmatically, as any authorized, standards-compliant external system commands. For ClearPass access control, this means the included health monitor can cause immediate remediation and redirection on the network access equipment, thus protecting critical data and resources the moment a threat is detected. Switches lacking this feature require an authentication interval before access can be programmatically revoked. Depending on configuration, this is typically at least several hours, and sometimes a day or longer.

In today’s fast-paced threat environment, this is risky.

Full RADIUS accounting support also means ClearPass knows where a user is logged in at any time, on any port, for how long, how much data has been transferred, and so on. This means one can simply query ClearPass and instantly see where and how the user is accessing from. For other vendors lacking this data, ClearPass can only show login attempts. This also means ClearPass cannot direct a network port to close or redirect, because it cannot know if the user is actively logged in at the time a threat is detected.

Does your access network support this level of intelligence?

Configuration management is also another strong point of the EX-series. Most importantly, all the intelligence for a port configuration can be stored in ClearPass, meaning the individual switches need not be hand-configured for every user move, add, removal, etc. Further, EX-series switches share the Junos operating system with other enterprise- and carrier-grade hardware, and this extends down to configuration management. Junos supports templating and cloning and has since its inception. In ideal environments, the only thing that need be configured is the switch’s management identity. Everything else—including trunking uplinks, spanning tree, access profiles and more—can be configured with a single template and enforced and operated programmatically, be it on device, via SSH or NETCONF, or a management platform such as Junos Space.

Does your organization have a complex and highly dynamic access network? Would you like to gain control and visibility into who is connecting, where, when, how, and what they are doing? Would you like to ensure all connected entities are properly remediated, in real time and as threats are detected? And would you like to ensure they have access only to the network resources they need?

Aruba ClearPass provides the solution, and Juniper EX-series switches can enable the full capability with a programmatic, consistent, standards-based and adaptive platform.

Improving Education With Network Data Analytics

Educational technology has revolutionized teaching and learning. With so much rapidly-changing technology in today’s classroom, it’s important to track the results, in order to build on the successful implementations and phase out what’s not working. That’s why analytics and student assessment are so important in education. With products like Extreme Networks’ Purview, it can be a simple matter to capture the data you need and graphically display it or format it into a report. Unlocking that data can bring enormous benefits for improving educational outcomes.

Network analytics tell you which technologies, devices, and software are being used most and which are generating the best results. These analytics help you understand what the students are doing throughout the day. What are the most successful students up to that others could learn from?

At Educause 2014, Fontys Hogescholen described how his IT staff members were transformed into folk heroes through the creative and engaging use of Wi-Fi analytics. Hogescholen’s group helped students use network analytics for projects like tracking student activities across campus to correlate demographic data with behavior and even effect change. The concept of analytics is helping usher in the era of competency-based education (CBE), enabling students to master skills at their own pace.

Data and network analytics are essential, not just for network managers, but also for teachers, curriculum directors, superintendents, principals, CFOs and students. Teachers can quickly see which applications are actually being used during class time and make sure the applications are running fast and responsively. Teachers can explore how activities and application usage varies among their students during the day and compare their respective results.

District superintendents, principals, and curriculum directors use the analytics to preparing for new technology-related initiatives, like video, digital text books, and online testing. During online testing it can be absolutely critical to have a realtime view into network dynamics. Should an issue arise, Purview can determine whether the problem is at the student device, within the network, at the local servers, due to an Internet connection, or caused by the remote servers administering the test.

The district or university finance managers use Purview to analyze the cost effectiveness of expensive software licenses. How often is the software used; how many simultaneous users are there; who and what departments are using it? Finance managers can also use the analytics to project capacity needs for investment planning.

The network analytics available today are especially valuable for IT leadership and the help desk. The IT staff can spot bottlenecks even before users are affected. The staff can keep shadow IT at bay by insuring that only approved network and user devices are active on the network. Rogue IT devices can be easily located and disabled.

Purview provides a single dashboard to show what’s happening across your school district or university network. It records what applications are being run by whom with full data on the locations and times. This is provided without taking away any performance from the network. The detailed view into the network provided by analytics solutions like Purview gives IT the ability to provide students, teachers, administration, and all users with the network experience they demand.

By Bob Nilsson, Extreme Networks