15 Responses

  1. VMware SRM 5 encounters potential security conundrum - The Virtualization Room

    [...] all protected virtual machines that will have their IP changed during recovery,” according to the blog post by Michael Webster, a VMware Certified Design Expert and director of IT Solutions 2000 Ltd., a [...]

  2. Duncan Epping (@Dunc
    Duncan Epping (@Dunc at |

    fixed DHCP based on mac... simple and effective :-)

    Reply
    1. @vcdxnz001
      @vcdxnz001 at |

      Hi Duncan, Great suggestions as always. That would certainly work in some instances, and I should have included it. I think in the environments that are concerned with VIX API, they may also disallow DHCP. A lot of environments block this at the switch and insist on static IP addresses. But in a DR situation in may well be acceptable dependent on customer requirements to at least in the short term relax that in some cases. May not work so well with spoofguard in vShield App either. I know some customers have some creative dynamic routing to get around this currently.

      Reply
    2. Julian Wood (@julian
      Julian Wood (@julian at |

      Agreed, I wonder why more companies don't just use DHCP with reserved IPs based on MAC for all servers. DR...done...

      Reply
  3. @vcdxnz001
    @vcdxnz001 at |

    Risk of DHCP Spoofing is the main reason. I've had another suggestion which is use the existing vCenter OS Customization specifications and call them via a script. This still uses the old method and may well work. Just not sure how well this would scale, and it adds a few more moving parts. VXLAN when available and certified to EAL4+ may well solve this problem also.

    Reply
    1. Gary Blake
      Gary Blake at |

      I have to agree, DHCP is a very effective way to address the IP change. I've just completed a deployment with one of my customers doing just that across a multi-tier SAP implementation. DHCP spoofing is certainly a risk but if a company is that concerned about security they would have a lot of other measures in place to help mitigate that risk. But then that said I'm not a security expert !!

      Reply
  4. vSphere Security Hardening Policy and Site Recovery Manager 5 | UP2V

    [...] more about this at the blogposting of  Michael Webster, a VMware Certified Design Expert and director of IT Solutions 2000 Ltd., a [...]

  5. dconvery
    dconvery at |

    I didn't do the survey, but wanted to voice my opinion. Each item in the guide is a RECOMMENDATION. This is NOT the Gospel According to VMware. It should be added as a recommended item, but should have a note/comment that it will break the functionality of SRM. Some people view this stuff as a requirement and don't consider the constraints each decision places on the next decision. Leave it up to the designer to decide not to comply with the VIX recommendation and provide justification for it.

    Reply
    1. @vcdxnz001
      @vcdxnz001 at |

      Hi Dave, I agree. However external auditors and organizations without full knowledge of the impact often make the call as to which recommendations must be applied. Also it is often a requirement to meet certain regulations. In these situations there may be little room to maneuver. Then there is the fact that it's the vSphere Hardening Guide, and doesn't take into account other VMware Products. I will ask VMware to include a note re breaking SRM functionality with this particular recommendation though, given it's now well known.

      Reply
  6. vSphere 5 Security Hardening Guide – Public Draft « Long White Virtual Clouds

    [...] may remember that I recently commented about the VIX API impact on SRM in my article – vSphere Security Hardening Policy and SRM 5, and this was also picked up on by Tech Target in VMware SRM 5 encounters potential security [...]

  7. FY
    FY at |

    We need a protocol to provide safe and reliable IP change service.

    Reply
    1. FY
      FY at |

      I am unsure whether it is good to let the vNIC driver having the capability of changing IP by responding to fail over requirements from SRM.

      Reply
      1. @vcdxnz001
        @vcdxnz001 at |

        Hi Fo, It's not the vNIC driver that does this, it's SRM doing it via VIX. It's just changing the IP address inside the Guest OS when the VM is recovered and powered on at the recovery site, which is in a different IP subnet. This is not necessary with stretched layer 2, but many companies don't have that available and do need to change IP's. vSwitch Security configuration also needs to be taken into account.

    2. @vcdxnz001
      @vcdxnz001 at |

      Hi Fo, We do have a safe an reliable IP change service via VIX. Provided the proper security controls around it's use are implemented. It's also possible via vCenter Customization Scripts.

      Reply
  8. blocksandbytes
    blocksandbytes at |

    I have to agree with Gary. We use DHCP across all our production servers (with reservations) and it has made the integration with SRM 5 and failover of VMs so easy. Best of all the MAC address of the VM doesn't change during failover to a different virtaul center so you can specify IP addresses with reservations in advance for DR too if you wish.

    Reply

Leave a Reply