Answered by the Webhosting Experts

Private Cloud Product Guide: VMware by Broadcom

 

Private Cloud Introduction

Private Cloud (VMware) offers our clients all of the features of a state of the art, multi-tenant VMware cloud environment in combination with Hivelocity’s managed services and infrastructure expertise. Leveraging Hivelocity’s expertise ensures that the your cloud environment is supported by cutting-edge technologies and adheres to industry best practices, guaranteeing optimal performance and reliability. The infrastructure is engineered to provide high performance, scalability, high availability (no single points of failure), and secure cloud services to our clients, ensuring efficient operations and robust data management.

The core of Private Cloud is powered by VMware’s industry leading virtualization platform as well as Pure Storage. VMware’s robust features provide our clients with flexible resource allocation, seamless migration, and efficient workload management. This ensures a highly responsive and adaptable infrastructure capable of meeting diverse tenant requirements. Pure Storage provides our clients with high-performance, low-latency storage solutions with several performance options based on their application requirements. The integration of Pure Storage ensures that Private Cloud delivers rapid data access and supports demanding workloads, contributing to an optimized and responsive user experience.

To offer flexibility when it comes to management, Hivelocity will be offering two options to our clients. Those options will be broken out into Advanced Managed and Base Managed based to meet each client’s requirements.

Advanced Managed (Multi-Tenant and Dedicated Hosts*)

For clients looking to offload many of the daily management tasks to an MSP, Hivelocity offers a 24x7x365 managed option that includes initial solutioning/design and infrastructure setup for VMware (compute and networking, infrastructure monitoring/alerting, as well as Hivelocity SRE support. This option relieves our clients of having to perform ongoing operational actions and frees them up to do what is important to them, focus on their business applications and running their business.  

 With the Advanced Managed option, clients are provided access to the Cloud Director console to allow visibility of their cloud environment as well as view the usage currently deployed resources. Clients will be provided remote console access to the VM(s) to install and manage their applications. As changes are needed in the cloud environment, clients will be able to simply contact Hivelocity Support via the normal ticketing process to have additional VM’s created, started, stopped, restarted, updated or deleted as well as request changes to the network access and connectivity to and from their VM(s).

Base Managed (Multi-Tenant and Dedicated Hosts*) 

For Clients who are looking for more of a hands-on solution, Hivelocity offers a self service option which allows them to provision and manage their resources within the Private Cloud platform. For this option, the Client retains the responsibility to provision and maintain full control their own VM(s) as well as maintain the patch levels of their operating systems, network configurations and alert remediation specific to their configuration. Hivelocity will be responsible for the initial setup of the account to ensure proper client access as well as the initial infrastructure monitoring setup and monitoring within the Private Cloud— Multitenant Cloud environment. Hivelocity will provide monitoring and remediation services for the infrastructure and will send non-infrastructure related alerts to the client for remediation purposes.

 Clients will have full access to the Cloud Director portal to perform management functions of their Private Cloud — Multitenant Cloud environment. Clients will have the ability to create, modify, start, stop and remove virtual servers, virtual CPUs (vCPU), virtual RAM (vRAM), network, and storage resources. Some advanced configuration requests may require that a ticked be submitted to Hivelocity support to assist with the deployment of the request.

Private Cloud Optional Add On Services:

Advanced Load Balancer

  • VMware NSX Advanced Load Balancer (formerly known as Avi Networks) uses a software-defined architecture that separates the central control plane (Avi Controller) from the distributed data plane (Avi Service Engines). NSX Advanced Load Balancer is 100% REST API based, making it fully automatable and seamless with the CI/CD pipeline for application delivery. With predictive autoscaling NSX Advanced Load Balancer can scale based on elastic application loads across multi-cloud environments, including bare metal servers, virtual machines, and containers.
  • For security, NSX Advanced Load Balancer features an Intelligent Web Application Firewall (iWAF) that covers OWASP CRS protection, support for compliance regulations such as PCI DSS, HIPAA, and GDPR, and signature-based detection. It deploys positive security model and application learning to prevent web application attacks. Additionally, built-in analytics provide actionable insights on performance, end-user interactions and security events in a single dashboard (Avi App Insights) with end-to-end visibility. For container-based microservices applications, NSX Advanced Load Balancer offers a container ingress that provides traffic management, service discovery, and application maps.

Advanced Patch Management

  • Hivelocity will be providing operating system patching to all of the current vendor supported Operating System’s (as detailed here: https://help.automox.com/hc/en-us/articles/5352186282644-Supported-Operating-Systems) on a monthly basis as patches are released. Hivelocity will set up a new account in Automox and provide client access credentials. Once access is established Hivelocity will set up all client VMs that need to receive patching which requires a small agent to be installed on each OS which will require OS access. Once the agents are installed, Hivelocity will set up the initial patching schedule based on client requirements, provide console training, and handover Automox access to the client. Automox will notify our clients when patches are available to provide proper application testing (UAT) and will only deploy patches based on an agreed upon maintenance window as configured in the patching schedule. Clients will have access in the Automox portal to install Emergency/on-demand patches as needed. Any assistance needed can be requested by support ticket.  
  • Automox Powered

Advanced Virtual Gateway Firewall

  • VMware NSX Gateway Firewall is a software-only, layer 2-7 firewall that enables you to achieve consistent network security coverage and unified management for all of your workloads, regardless of whether they’re running on physical servers, in a private or public cloud environment or in containers. When deployed together with the NSX Distributed Firewall, the Gateway Firewall extends its capabilities to deliver consistent protection across the entirety of the infrastructure.
  • VMware NSX Gateway Firewall is a software-only, layer 2-7 firewall that incorporates advanced threat prevention capabilities such as intrusion detection/prevention (IDS/IPS), URL filtering and malware detection (using network sandboxing and other techniques) as well as routing and virtual private networking (VPN) functionality.
  • When the NSX Gateway Firewall is deployed in conjunction with the NSX Distributed Firewall, it’s easy to extend consistent layer 2-7 security controls across all applications and workloads.

Advanced Virtual Distributed Firewall

  • The VMware NSX Distributed Firewall is a software-defined Layer 7 firewall purpose-built to secure multi-cloud traffic across virtualized workloads. It provides stateful firewalling with IDS/IPS, sandboxing, and NTA/NDR— delivered as software and distributed to each host. With complete visibility into applications and flows, the NSX Distributed Firewall delivers superior security with policy automation that’s linked to the workload lifecycle. Unlike traditional firewalls that require network redesign and traffic hair-pinning, the NSX Distributed Firewall distributes the firewalling to each host, radically simplifying the security architecture. This allows security teams to easily segment the network, stop the lateral movement of attacks, and automate policy in a vastly simpler operational model.

Advanced Firewall with Advanced Threat Protection

  • VMware’s NSX Advanced Threat Prevention (ATP) provides network security capabilities that protect organizations against advanced threats. NSX ATP combines multiple detection technologies – Intrusion Detection/Prevention System (IDS/IPS), Network Sandboxing, and Network Traffic Analysis (NTA) – with aggregation, correlation, and context engines from Network Detection and Response (NDR). These capabilities complement each other to provide a cohesive defensive layer. As a result, ATP increases detection fidelity, reduces false positives, and accelerates remediation while decreasing security analysts’ manual work.
  • IDS/IPS: This technology inspects all traffic that enters or leaves the network, detecting and preventing known threats from gaining access to the network, critical systems, and data. IDS/IPS looks for known malicious traffic patterns to hunt for attacks in the traffic flow. When it finds such attacks, it generates alerts for use by security analysts. Alerts are also logged for post-incident investigation.
  • Network Sandbox: This is a secure isolation environment that detects malicious artifacts. It analyzes the behavior of objects, such as files and URLs, to determine if they are benign or malicious. Because it does not rely on signatures, the sandbox can detect novel and highly targeted malware that has never been seen before.
  • NTA: This technology looks at network traffic and traffic flow records using machine learning (ML) algorithms and advanced statistical techniques to develop a baseline of everyday activities. NTA can identify protocol, traffic, and host anomalies as they appear. Of course, not all anomalies represent threats; that’s why VMware’s NTA implements additional ML and rule-based techniques to determine if the anomaly is malicious. This analysis pipeline keeps false positives to a minimum, reducing the security team’s work so the team can focus on real issues.
  • NTA : Utilizes machine learning algorithms to develop a secure baseline of activities from network traffic, log files, and flow records and then alert to deviations from the secure baseline.
  • NDR: NDR consists of aggregation, correlation, and context engines. The aggregation engine collects signals from individual detection technologies. It combines them to reach a verdict (malicious or benign) on network activities. The correlation engines combine multiple related alerts into an “intrusion campaign.” The context engines collect data from various sources (including sources outside NSX) to add helpful context to the information provided to security analysts.
  • Advanced VPN
  • Additional VPN tunnels
  • Advanced Backup powered by Veeam. 
  • Advanced DRaaS Powered by Zerto. 
  • Microsoft SPLA and other 3rd Party Licensing
  • Advanced VMware Migration Services (vCDA). 
  • Professional Services Migration (Via Partner, Complex Migrations

Cloud Storage Powered by Pure Storage

The Hivelocity Cloud 2.0 is built using best in class storage array from Pure Storage. Pure allows our clients to utilize various tiers of storage to ensure their applications have the performance they need depending on workload as well as more budget friendly options to ensure our client’s data retention policies are met.  

  • Performance Tier 1 Storage
  • Standard Tier 2 Storage
  • Backup Tier 3 Storage

Performance Tier 1 Storage:

Experience unparalleled performance Hivelocity’s Performance Tier, designed to meet the demanding requirements of modern businesses. Our cutting-edge flash storage technology ensures lightning-fast access to your data, delivering the speed and responsiveness needed for critical applications. With ultra-low latency and high throughput, the Performance Tier empowers your organization to thrive in the era of real-time analytics and data-driven decision-making.

Key Features:

  • NVMe Flash Technology: Leverage the power of Non-Volatile Memory Express (NVMe) to unlock the full potential of flash storage, providing a quantum leap in speed and responsiveness.
  •  Predictive Analytics: Proactively address potential issues with Pure1® predictive analytics, ensuring optimal performance and minimizing disruptions.
  • Scalability: Seamlessly scale your storage infrastructure to accommodate growing data demands without sacrificing performance or worrying about procuring additional hardware as your storage requirements grow.

Standard Tier: Reliable and Cost-Efficient Storage Solutions

Hivelocity’s Standard Tier offers a robust and reliable storage solution that balances performance with cost-effectiveness. Ideal for a wide range of workloads, this tier provides a cost-efficient way to store and manage your data without compromising on quality or reliability. Whether you’re running business applications, virtualized environments, or databases, the Standard Tier delivers the reliability you need at a price point that makes sense for your budget.

Key Features:

  • All-Flash Array: Benefit from the speed and efficiency of all-flash storage, ensuring consistent performance across diverse workloads.
  • Data Reduction: Maximize storage efficiency with inline deduplication and compression, reducing your overall storage footprint and optimizing costs.
  • Reliability: Rely on Pure Storage’s proven track record for high availability and data integrity, minimizing the risk of downtime or data loss.

Backup Tier: Safeguarding Your Data Assets

Ensure the resilience and security of your data with Pure Storage’s Backup Tier. This tier is specifically designed to address the critical need for data protection, providing robust backup and recovery capabilities. With comprehensive features such as snapshot technology, data replication, and integration with leading backup solutions, the Backup Tier offers a solid foundation for building a reliable data protection strategy.

Key Features:

  • Snapshots and Replication: Create point-in-time snapshots for rapid data recovery and replicate data across geographically dispersed locations to ensure business continuity.
  • Integration with Backup Solutions: Seamlessly integrate with leading backup solutions, streamlining your backup and recovery processes.
  • Compliance and Security: Adhere to regulatory requirements and enhance data security with encryption, access controls, and audit trails.

Data Protection Services Powered by Veeam

Safeguard your VMware virtualized infrastructure with Hivelocity’s Data Protection service (Powered by Veeam) designed to address the unique challenges of VMware environments. Veeam Backup for VMware combines powerful features with seamless integration, providing comprehensive data protection tailored specifically for VMware-based workloads. Elevate your virtualization strategy with Veeam’s advanced backup options and ensure the availability, reliability, and recoverability of your critical data.

Service Offerings

  • Veeam Backup & Replication for VMware: Veeam’s flagship solution, Backup & Replication, offers specialized capabilities for VMware environments, providing seamless backup, replication, and recovery processes. Ensure the protection of your virtual machines (VMs) with a solution optimized for VMware’s unique architecture.
  • Veeam Explorer for VMware: Gain granular visibility into your VMware backups with Veeam Explorer, allowing for efficient recovery of individual items, such as files or application objects, directly from the backup.
  • VMware vSphere Integration: Benefit from tight integration with VMware vSphere, leveraging Veeam’s capabilities to enhance your vSphere environment’s data protection and recovery.

Key Backup Options

  • Image-Based VM Backups: Veeam’s image-based backup approach captures entire VM images, ensuring comprehensive protection and enabling efficient recovery of entire VMs.
  • Incremental Backups with Advanced Deduplication: Minimize backup storage requirements and optimize performance with Veeam’s advanced deduplication technology, capturing only changed data since the last backup.
  • Instant VM Recovery: Reduce downtime with Veeam’s instant VM recovery, allowing you to restart failed VMs directly from a backup file in minutes.
  • Application-Aware Processing: Ensure consistent and reliable backups of applications running in VMs with Veeam’s application-aware processing, supporting applications like Microsoft Exchange, SQL Server, and Active Directory.
  • VeeamZIP for Quick Ad-Hoc Backups: Perform ad-hoc backups of VMs with VeeamZIP, providing a quick and easy way to create point-in-time backups for testing, development, or archival purposes.
  • SureBackup Verification: Validate the recoverability of your backups with Veeam’s SureBackup, automatically verifying the integrity of VM backups and ensuring they can be successfully recovered.

Secure your VMware virtualized environment with confidence, leveraging Veeam’s tailored backup solutions. Whether you’re dealing with data loss, system failures, or simply need to ensure compliance, Veeam Backup for VMware environments delivers the reliability and flexibility your organization requires for efficient data protection.

Getting Started

How to:

Virtual Machines:

vApps

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: support@hivelocity.net. We are also available to you through our phone and live chat system 24/7/365.