VM’s going in Suspended state

I created a Resource Cluster in my Lab a while ago. The use case for this is to place all my Desktop OS VM and vCloud Director Resources into this Cluster. The issue I started to see is that most of the Virtual Desktops would have an Yellow exclamation mark and the vCPU Mhz usage would be 0 Mhz. This initial did not bug me at first and ignored it as i was not using my Desktops that much. But I was doing a POC on Deep Security as a Service where I used my Lab to connect to the ISP Deep Security Instance to test some policies. During the testing this worked well…but the next morning I got connection...
Continue reading »

Deep Security : DSVA Availability options

This topic comes up a lot on our internal and at client conversations. How to ensure the DSVA is available ? For those that don’t know, some points on the DSVA : DSVA = Deep Security Virtual Appliance One DSVA per ESXi host Is used for the offloading of the Malware scanning (the basic function) Below is some design considerations that I would have taken into account  in a VMware environment to ensure the DSVA is available and alerts is send out. Some of these options involve placing the host into MA mode, some restarts the DSVA and some just send out an alert. DSVA Heartbeat The DSVA have a default policy that you can modify. The options to review is...
Continue reading »

Deep Security : DSM Server Memory design considerations

In the last 2 weeks I have been ask by a few clients about the memory allocation for the Deep Security Manager(DSM). There is two things to this : Memory allocated the the DSM Operating system (Lets assume Windows for this blog) Memory allocated to the DSM JVM DSM Operating System Memory Depending on you deployment size and modules that you will be using the DSM OS memory should be around 8-12Gb. The DSM service is a JVM so if you running DSM inside a VM(vs Physical server) you can consider to set reservations (I am not advocating the use of reservations…but do read up on JVM in a virtual environment). DSM Memory configuration The DSM JVM by default will...
Continue reading »

vExpert : What I did with my HP VSA

When I started with this “Home Lab Storage Upgrade Project” of mine I did no have the HP VSA in mind at all. I was looking for “something” that would give me better speed/io response times from a disk perspective. Not so much space (Space I can get easily with larger disks). Looking at my Lab config I did not realize at the time was the number of HP Equipment I have in my Home Lab. Here is just a few : HP DL 380 G7 Server (74gb memory installed) – Management Host/Cluster 2x HP Micro servers – my “storage units” 6x HP Dual Port Intel Nic’s So back onto the HP VSA. As part of the vExpert Program we...
Continue reading »

Deep Security : Best Practice Guide

I had a few questions over the last few months on Deep Security Deployment options, Sizing and General Configuration options. I thought that I would publish the link to our Trend Micro Deep Security Best Practice Guide. The guide have been recently updated to reflect all the new enhancements. Here is an extract of the Guide : Deep Security provides a single platform for server security to protect physical, virtual, and cloud servers as well as hypervisors and virtual desktops. Tightly integrated modules easily expand to offer in-depth defenses, including anti-malware, web reputation, intrusion prevention, firewall, integrity monitoring, and log inspection. It is available in agent-less and agent-based options that can all be managed through a single console across physical, virtual,...
Continue reading »