UNC Health Care selects IGEL Universal Desktop Converter (UDC) and IGEL Universal Management Suite (UMS) for simplicity, cost-savings and security.

“The need to provide users with access to their desktops from any device anywhere, anytime is driving a growing number of IT organizations to migrate toward VDI environments,” said Simon Clephan, Vice President of Business Development and Strategic Alliances, IGEL. “One of the key advantages that IGEL brings to the table is the simplicity that comes from being able to manage an entire fleet of thin clients from a single console. Additionally, the IGEL Universal Desktop Converter provides IT organizations with the flexibility they need to convert any compatible thin client, desktop or laptop computer into an IGEL thin client solution, without having to make an upfront investment in new hardware to support their virtualized infrastructures.” 

UNC Health Care selected the IGEL UDC and UMS software for its Citrix VDI deployment following a “bake-off” between thin client solutions. “IGEL won hands down due the simplicity and superiority of its management capabilities,” said James Cole, Technical Architect, UNC Health Care. “And, because the IGEL UDC software is designed to quickly and efficiently convert existing endpoint hardware into IGEL Linux OS-powered thin clients, we knew that by selecting the IGEL solution we would also realize a significant reduction in our capital expenditures.”

Since initiating the deployment of the IGEL UDC and UMS software, UNC Health Care has also experienced significant time savings. “Prior to deploying the IGEL UDC and UMS software, it took our team 25-30 minutes to create a virtual image on each system, not counting the personalization of the system for each use case, now that process takes less than 10 minutes, and even less time when converting the system to VDI roaming,” added Cole.

Additionally, the ease of integration between the IGEL UDC and IGEL UMS with Citrix XenDesktop and other solutions offered by Citrix Ecosystem partners, including Imprivata, has enabled secure access to the health care network’s Epic Systems’ Electronic Medical Records (EMR) system.

A2U, an IGEL Platinum Partner, recently experienced a situation where one of its large, regional healthcare clients was hit by a cyberattack. “Essentially, malware entered the client’s network via a computer and began replicating like wildfire,” recalls A2U Vice President of Sales, Robert Hammond.

During the cyberattack, a few hundred of the hospital’s PCs were affected. Among those were 30 endpoints within the finance department that the healthcare organization deemed mission critical due to the volume of daily transactions between patients, insurance companies, and state and county agencies for services rendered. “It was very painful from a business standpoint not to be able to conduct billing and receiving, not to mention payroll,” said Hammond.

Prior to this particular incident, A2U had received demo units of the IGEL UD Pocket, a revolutionary micro thin client that can transform x86-compatible PCs and laptops into IGEL OS-powered desktops.

“We had been having a discussion with this client about re-imaging their PCs, but their primary concern was maintaining the integrity of the data that was already on the hardware,” continued Hammond. “HIPAA and other regulations meant that they needed to preserve the data and keep it secure, and we thought that the IGEL UD Pocket could be the answer to this problem. We didn’t see why it wouldn’t work, but we needed to test our theory.”

When the malware attack hit, that opportunity came sooner, rather than later for A2U. “We plugged the UD Pocket into one of the affected machines and were able to bypass the local hard drive, installing the Linux-based IGEL OS on the system without impacting existing data,” said Hammond. “It was like we had created a ‘Linux bubble’ that protected the machine, yet created an environment that allowed end users to quickly return to productivity.”

Working with the hospital’s IT team, it only took a few hours for A2U to get the entire finance department back online. “They were able to start billing the very next day,” added Hammond.

Each version of Windows and Windows Server showcases new technologies. The advent of PowerShell marked a substantial step forward in managing those features. However, the built-in graphical Windows management tools have largely stagnated - the same basic Microsoft Management Console (MMC) interfaces had remained since Windows Server 2000. Microsoft tried out multiple overhauls over the years to the built-in Server Manager console but gained little traction. Until Windows Admin Center.

WHAT IS WINDOWS ADMIN CENTER?
Windows Admin Center (WAC) represents a modern turn in Windows and Windows Server system management. From its home page, you establish a list of the networked Windows and Windows Server computers to manage. From there, you can connect to an individual system to control components such as hardware drivers. You can also use it to manage Windows roles, such as Hyper-V.

On the front-end, Windows Admin Center is presented through a sleek HTML 5 web interface. On the back-end, it leverages PowerShell extensively to control the systems within your network. The entire package runs on a single system, so you don’t need a complicated infrastructure to support it. In fact, you can run it locally on your Windows 10 workstation if you want. If you require more resiliency, you can run Windows Admin Center as a role on a Microsoft Failover Cluster.

WHY WOULD I USE WINDOWS ADMIN CENTER?
In the modern era of Windows management, we have shifted to a greater reliance on industrial-strength tools like PowerShell and Desired State Configuration. However, we still have servers that require individualized attention and infrequently utilized resources. WAC gives you a one-stop hub for dropping in on any system at any time and work with almost any of its facets.

ABOUT THIS EBOOK
This eBook has been written by Microsoft Cloud & Datacenter Management MVP Eric Siron. Eric has worked in IT since 1998, designing, deploying, and maintaining server, desktop, network, and storage systems. He has provided all levels of support for businesses ranging from single-user through enterprises with thousands of seats. He has achieved numerous Microsoft certifications and was a Microsoft Certified Trainer for four years. Eric is also a seasoned technology blogger and has amassed a significant following through his top-class work on the Altaro Hyper-V Dojo.

Scripting and PowerCLI are words that most people working with VMware products know pretty well and have used once or twice. Everyone knows that scripting and automation are great assests to have in your toolbox. The problem usually is that getting into scripting appears daunting to many people who feel like the learning curve is just too steep, and they usually don't know where to start. The good thing is you don't need to learn everything straight away to start working with PowerShell and PowerCLI. Once you have the basics down and have your curiosity tickled, you’ll learn what you need as you go, a lot faster than you thought you would!

ABOUT POWERCLI

Let's get to know PowerCLI a little better before we start getting our hands dirty in the command prompt. If you are reading this you probably already know what PowerCLI is about or have a vague idea of it, but it’s fine you don’t. After a while working with it, it becomes second nature, and you won't be able to imagine life without it anymore! Thanks to VMware's drive to push automation, the product's integration with all of their components has significantly improved over the years, and it has now become a critical part of their ecosystem.

WHAT IS PowerCLI?

Contrary to what many believe, PowerCLI is not in fact a stand-alone software but rather a command-line and scripting tool built on Windows PowerShell for managing and automating vSphere environments. It used to be distributed as an executable file to install on a workstation. Previously, an icon was generated that would essentially launch PowerShell and load the PowerCLI snap-ins in the session. This behavior changed back in version 6.5.1 when the executable file was removed and replaced by a suite of PowerShell modules to install from within the prompt itself. This new deployment method is preferred because these modules are now part of Microsoft’s Official PowerShell Gallery. 7 These modules provide the means to interact with the components of a VMware environment and offer more than 600 cmdlets! The below command returns a full list of VMware-Associated Cmdlets!

With digital transformation a constantly evolving reality for the modern organization, businesses are called upon to manage complex workloads across multiple public and private clouds—in addition to their on-premises systems.

The upside of the hybrid cloud strategy is that businesses can benefit from both lowered costs and dramatically increased agility and flexibility. The problem, however, is maintaining a secure environment through challenges like data security, regulatory compliance, external threats to the service provider, rogue IT usage and issues related to lack of visibility into the provider’s infrastructure.

Find out how to optimize your hybrid cloud workload through system hardening, incident detection, active defense and mitigation, quarantining and more. Plus, learn how to ensure protection and performance in your environment through an ideal hybrid cloud workload protection solution that:

•    Provides the necessary level of protection for different workloads
•    Delivers an essential set of technologies
•    Is structured as a comprehensive, multi-layered solution
•    Avoids performance degradation for services or users
•    Supports compliance by satisfying a range of regulation requirements
•    Enforces consistent security policies through all parts of hybrid infrastructure
•    Enables ongoing audit by integrating state of security reports
•    Takes account of continuous infrastructure changes

There are a number of limitations today keeping organizations from not only lifting and shifting from one cloud to another but also migrating across clouds. Organizations need the flexibility to leverage multiple clouds and move applications and workloads around freely, whether for data reuse or for disaster recovery. This is where the HYCU Protégé platform comes in. HYCU Protégé is positioned as a complete multi-cloud data protection and disaster recovery-as-a-service solution. It includes a number of capabilities that make it relevant and notable compared with other approaches in the market:

• It was designed for multi-cloud environments, with a “built-for-purpose” approach to each workload and environment, leveraging APIs and platform expertise.
• It is designed as a one-to-many cross-cloud disaster recovery topology rather than a one-to-one cloud or similarly limited topology.
• It is designed for the IT generalist. It’s easy to use, it includes dynamic provisioning on-premises and in the cloud, and it can be deployed without impacting production systems. In other words, no need to manually install hypervisors or agents.
• It is application-aware and will automatically discover and configure applications. Additionally, it supports distributed applications with shared storage. 

Companies have NAS systems all over the place—hardware-centric devices that make data difficult to migrate and leverage to support the business. It’s natural that companies would desire to consolidate those systems, and vFilO is a technology that could prove to be quite useful as an assimilation tool. Best of all, there’s no need to replace everything. A business can modernize its IT environment and finally achieve a unified view, plus gain more control and efficiency via the new “data layer” sitting on top of the hardware. When those old silos finally disappear, employees will discover they can find whatever information they need by examining and searching what appears to be one big catalog for a large pool of resources.

And for IT, the capacity-balancing capability should have especially strong appeal. With it, file and object data can shuffle around and be balanced for efficiency without IT or anyone needing to deal with silos. Today, too many organizations still perform capacity balancing work manually—putting some files on a different NAS system because the first one started running out of room. It’s time for those days to end. DataCore, with its 20-year history offering SANsymphony, is a vendor in a great position to deliver this new type of solution, one that essentially virtualizes NAS and object systems and even includes keyword search capabilities to help companies use their data to become stronger, more competitive, and more profitable.

DataCore vFilO is a top-tier file virtualization solution. Not only can it serve as a global file system, IT can also add new NAS systems or file servers to the environment without having to remap users of the new hardware. vFilO supports live migration of data between the storage systems it has assimilated and leverages the capabilities of the global file system and the software’s policy-driven data management to move older data to less expensive storage automatically; either high capacity NAS or an object storage system. vFilO also transparently moves data from NFS/SMB to object storage. If the user needs access to this data in the future, they access it like they always have. To them, the data has not moved.

The ROI of File virtualization is powerful, but it has struggled to gain adoption in the data center. File Virtualization needs to be explained, and explaining it takes time. vFilO more than meets the requirements to qualify as a top tier file virtualization solution. DataCore has the advantage of over 10,000 customers that are much more likely to be receptive to the concept since they have already embraced block storage virtualization with SANSymphony. Building on its customer base as a beachhead, DataCore can then expand File Virtualization’s reach to new customers, who, because of the changing state of unstructured data, may finally be receptive to the concept. At the same time, these new file virtualization customers may be amenable to virtualizing block storage, and it may open up new doors for SANSymphony.

Metallic is a new SaaS backup and recovery solution based on Commvault's data protection software suite, proven in the marketplace for more than 20 years. It is designed specifically for the needs of medium-scale enterprises but is architected to grow with them based on data growth, user growth, or other requirements. Metallic initially offers either monthly or annual subscriptions through reseller partners; it will be available through cloud service providers and managed service providers over time. The initial workload use cases for Metallic include virtual machine (VM), SQL Server, file server, MS Office 365, and endpoint device recovery support; the company expects to add more use cases and supported workloads as the solution evolves.

Metallic is designed to offer flexibility as one of the service's hallmarks. Aspects of this include:

• On-demand infrastructure: Metallic manages the cloud-based infrastructure components and software for the backup environment, though the customer will still manage any of its own on- premise infrastructure. This environment will support on-premise, cloud, and hybrid workloads. IT organizations are relieved of the daily task of managing the infrastructure components and do not have to worry about upgrades, OS or firmware updates and the like, for the cloud infrastructure, so people can repurpose that time saved toward other activities.

• Metallic offers preconfigured plans designed to have users up and running in approximately 15 minutes, eliminating the need for a proof-of-concept test. These preconfigured systems have Commvault best practices built into the design, or organizations can configure their own.

• Partner-delivered services: Metallic plans to go to market with resellers that can offer a range of services on top of the basic solution's capabilities. These services will vary by provider and will give users a variety of choices when selecting a provider to match the services offered with the organization's needs.

• "Bring your own storage": Among the flexible options of Metallic, including VM and file or SQL database use cases, users can deploy their own storage, either on-premise or in the cloud, while utilizing the backup/recovery services of Metallic. The company refers to this option as "SaaS Plus."

DevOps: An unsuspecting target for the world’s most sophisticated cybercriminals

DevOps focuses on automated pipelines that help organizations improve business-impacting KPIs like time-to-market, product development speed, agility and more. In a world where less time means more money, putting code into production the same day it’s written is, well, a game changer. But with new opportunities come new challenges. Automated building of software that’s distributed by vendors straight into corporations worldwide leaves cybercriminals salivating over costly supply chain attacks.

So how does one combat supply chain attacks?

Many can be prevented through the deployment of security to development infrastructure servers, the routine vetting of containers and anti-malware testing of the production artifacts. The problem is that a lack of integration solutions in traditional security products wastes time due to fragmented automation, overcomplicated processes and limited visibility—all taboo in DevOps environments.

Cybercriminals exploit fundamental differences between the operational goals of those who maintain and operate in the development environment. That’s why it’s important to show unity and focus on a single strategic goal—delivering a safe product to partners and customers in time.

The protection-performance balance

A strong security foundation is crucial to stopping threats, but it won’t come from a one bullet. It takes the right multi-layered combination to deliver the right DevOps security-performance balance, bringing you closer to where you want to be.

Protect your automated pipeline using endpoint protection that’s fully effective in pre-filtering incidents before EDR comes into play. After all, the earlier threats can be countered automatically, the less impact on resources. It’s important to focus on protection that’s powerful, accessible through an intuitive and well-documented interface, and easily integrated through scripts.