Postcard from Berlin

Source: Meraki-Cisco

Cisco Live is quite an event, attracting tens of thousands of visitors everywhere it goes as it rolls around the globe, from Europe, to Australia, the United States and Mexico. In fact, the event is so popular that it’s even spawned its own offshoot, Cisco Connect, which this year adds Singapore, Toronto and Egypt to the list of cities covered. The Meraki team attends every Cisco Live, and as many of the other official Cisco events as possible. It’s certainly enough to keep us constantly busy, either attending or preparing to attend.

We arrived in a bitterly cold Berlin, a beautiful and fascinating city, still evolving following the reunification of Germany at the beginning of the 1990s. Here’s a shot from one of the newly rebuilt areas now very popular with tourists, Potsdamer Platz:

potsdamerplatz

On arrival at the venue for Cisco Live we discovered day one had been dubbed ‘Cloud Day’. How appropriate!

Cloud Day

It was time to get set up in the World of Solutions. As usual, our stand was cleanly designed, adorned with iMacs on which to showcase the Meraki Dashboard. The design approach we employ at events is quite deliberate. Whilst our lineup of APs, switches, security appliances are beautiful pieces of hardware in their own right, once deployed the real attention moves to the day-to-day management experience, where our full stack dashboard really shines. For demonstrating the functionality of the dashboard, and our Mobile Device Management software, Systems Manager, there’s nothing better than a large screen browser display:

Berlin stand

Our stand was staffed by a mixture of marketing (technical and events staff), sales, systems engineers, members of our product teams, and even our illustrious leader, Todd. With such a broad team we were comfortably able to attend to everyone who visited our stand, and boy did they come! By the end of the week we’d had hundreds of interesting conversations with customers, partners and prospects, amounting to almost 1000 expressions of interest! It was good to let our hair down after all that!

Merakians at CLEUR

As well as the stand, members of the team were also spread around the venue attending customer meetings, delivering in-depth breakout sessions or perhaps just catching their breath over a coffee. The pace was relentless.

CLEURbreakout

The Cisco Live bandwagon now moves down under to Melbourne, and once again the Meraki team will be clocking up the air miles and heading over to what promises to be another huge event. We look forward to seeing you at a Cisco event, or indeed one of the many other industry events we attend during the year.


Postcard from Berlin

Disruption Is Here. Now What?

Source: Cisco
Technological change is accelerating at an unprecedented speed, creating a world we can barely begin to imagine. Yesterday the PC and the Internet brought us desktop applications, search engines, e-commerce, e-mail and messaging, social networking, SaaS business applications, and many other services. Today we’re in the middle of the mobile era. Our smartphones give us remote control access to mobile messaging, mobile social networking, and on-demand services like ride sharing. Are you ready for a new world where the convergence […]Disruption Is Here. Now What?

You Are a Target

Source: SANS security tip
You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
You Are a Target

Reporting an Incident

Source: SANS security tip
Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If a phone call from the “Help Desk” doesn’t sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! Your security team is there to help you. The sooner you report an incident, the sooner we can help resolve the problem.
Reporting an Incident

Forwarding Emails

Source: SANS security tip
When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.
Forwarding Emails

Set Sail with Meraki Switches

Source: Meraki-Cisco

Sail-Switch-e

Over the past few years, you’ve heard us regularly highlight the benefits of having intelligent switches in your network. We will forever stand by smart switching! When (not if) something goes wrong, smart switches provide unparalleled visibility and troubleshooting, allowing for speedy resolutions. Switches tie your network together, and it’s time for them to do more.

We want you to experience the magic for yourself! In addition to getting a free PoE switch for attending eligible Introduction to Cloud Managed Switching webinars, for a limited time we are also offering a special switch licensing promotion for first-time Meraki switch customers. Do you have Meraki wireless, security, or MDM? Are you totally new to Meraki? Either way, welcome aboard! We invite you to set sail with Meraki switches.

From now until 7/30/16, first-time Meraki switch customers who buy any MS switch with a 1-year cloud management license are eligible to be upgraded to a 5-year license at no additional cost. That’s 4 years on us! Customers in the US, CA, LATAM, and EMEAR are eligible – APJ, hang tight, we’re coming for you soon. Simply ask your Meraki rep or reseller about the ‘Meraki 5 Year Switch Licensing Promotion.’

Check out meraki.com/setsail for more information. We hope to welcome you to the Meraki switching family soon!


Set Sail with Meraki Switches

Cisco Showcases “Innovation, Customer Traction and Partnership Success” at MWC 2016

Source: Cisco
Jetlag is way over rated, and in Barcelona there is tremendous enthusiasm for Cisco here at Mobile World Congress . This week, we are showing how we’re delivering on our strategy of helping service providers drive profitable business outcomes in today’s digital world and keep pace with an industry undergoing unprecedented change: Innovation— With the launch of multiple technologies, including the Ultra Services Platform with customers Deutsche Telecom, SK Telecom and Orange , as well as announced plans to build a 5G router with Ericsson and Intel for Verizon’s industry-leading 5G program . Customer momentum— Multiple customer wins with several top-tier service providers and mobile operators, including DT, SK Telekom, […]Cisco Showcases “Innovation, Customer Traction and Partnership Success” at MWC 2016

Using Veeam FastSCP for Microsoft Azure with Azure Resource Manager

Source: Veeam

When Veeam released Veeam FastSCP for Microsoft Azure a couple of months ago, we still deployed our VMs (virtual machines) in the classic ASM (Azure Service Management) model. Microsoft recently released a new model called ARM (Azure Resource Manager). I’m not going into depth about the differences between the two models, but I did want to point out that a VM deployed in the ASM model is deployed differently in the ARM model.

Microsoft views the ARM model as the future to deploy new compute resources. Unfortunately, because of the differences in deployment, Veeam FastSCP for Microsoft Azure doesn’t work anymore out-of-the-box. For this reason, you’ll need to make some changes inside the VM to get it working again.

Here is the procedure to take advantage of Veeam FastSCP for Microsoft Azure with Microsoft ARM-deployed VMs.

Create firewall rules

In the classic model, firewall rules were called endpoints, and they needed to be created per VM. In the ARM model, you can create a security group that you can use to create firewall rules for all VMs in that resource group.

In my example, I have a resource group called Veeam-VMBP and I created a network security group with the exact same name. Here, you’ll want to add an inbound rule to make sure that your traffic is from the computer where you are running FastSCP to the VM on port 5986 (default HTTPS Windows Remote Management).

Veeam VMBP - network security group

As an example, see the below rule that I created:

Add inbound security rule

Install or create a (self-signed) certificate and enable PowerShell remoting

In the classic model, when you deploy a VM, PowerShell remoting is configured for you. In the new model it is not, so you will need to do it yourself.

NOTE: This process will vary, depending on whether you use a publicly signed o self-signed certificate. Since most cases are with a self-signed certificate, I will discuss this variation. When you want to use a publicly signed certificate, the process is much easier because you only need Set-WSManQuickConfig –UseSSL to get things working.

Below you will see the PowerShell one-liners I used to configure my deployed Windows Server 2012 R2:

  • $Cert = New-SelfSignedCertificate -CertstoreLocation Cert:LocalMachineMy -DnsName "FastSCP-Server"
  • Export-Certificate -Cert $Cert -FilePath C:tempcert
  • Enable-PSRemoting -SkipNetworkProfileCheck –Force
  • New-Item -Path WSMan:LocalHostListener -Transport HTTPS -Address * -CertificateThumbPrint $Cert.Thumbprint –Force
  • New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Name "Windows Remote Management (HTTPS-In)" -Profile Any -LocalPort 5986 -Protocol TCP

Some explanation:

  • The first line creates a self-signed certificate with the DNS name of my server (in this case, FastSCP-Server). It then stores it in the certificate store.

NOTE: Add the certificate details to a variable called $Cert to use it further.

  • The second line exports the certificate to a location (in this case C:temp). If you have an error on this line, note that the directory has to exist upfront, it will not be created.
  • Third line will enable PowerShell remoting. I used the -Force to skip the user prompts and -SkipNetworkProfileCheck to ensure that PowerShell doesn’t complain when your network connection type is public (which it probably will be)
  • The fourth line creates the HTTPS listener, which won’t be created automatically, only the HTTP listener and connects the certificate to it
  • Finally, the fifth line creates a new Windows Firewall rule that opens Windows Remote Management over HTTPS

And Poof! You can once again use Veeam FastSCP for Microsoft Azure.

Connecting to the server

Below you can see that I can connect to my server again and I have access to the data on my VM.

Veeam FastSCP for Microsoft Azure

Conclusion

Veeam FastSCP for Microsoft Azure works out-of-the-box when used with a Microsoft Azure VM deployed in the classic model. However, when you deploy a VM in the Azure Resource Manager model, things are a bit different and Remote PowerShell is not configured anymore. To be able to take advantage of Veeam’s solution, you will first need to take a few quick steps to manually enable it.

Using Veeam FastSCP for Microsoft Azure with Azure Resource Manager

Lenovo Unveils New Way for Users to Connect Across Devices, Networks and Borders

Source: Lenovo

Barcelona – February 21, 2016: Lenovo (HKSE: 992) (ADR: LNVGY) today announced a new global wireless roaming service called Lenovo Connect. A long-time mobile virtual network operator (MVNO), Lenovo will now offer Lenovo Connect, a seamless communication service that works across devices, networks and borders for customers in China and EMEA. Lenovo Connect eliminates having to buy a separate SIM card and offers benefits such as low-priced global roaming and enhanced customer engagement by leveraging Lenovo’s Big Data and cloud services. It provides a simple, fast and cost-effective connectivity solution for companies of all sizes and mobile professionals to stay always connected. 
Lenovo Unveils New Way for Users to Connect Across Devices, Networks and Borders