Palo Alto GlobalProtect + Yosemite

One of the clouds I have access to is protected by a Palo Alto firewall. It has its own VPN client which allows me access to it. It is known as GlobalProtect. As an avid Mac user I have upgraded to Yosemite the moment it came out. Whilst I had run most of my software in a Yosemite VM, I had not tested this client. Before the release of Mavericks, Apple told developers they would increase the stringency of their code signing. There would be tighter checks and increase security as a result. The kext signing would aid in helping protect users. Herein lies the problem. There are a number of applications which are not following new signing rules and Yosemite will nip them in the bud. What occurs with PAN’s GlobalProtect is that it will fail to establish a VPN. Certain parts are code signed. There is a fix … Continue reading

SPARK: VXLAN ARP Supression by @dkalintsev

Dmitri is a Solution Architect within the NSBU at VMware. I am very lucky to have him within my office so I can annoy the heck out of him. He is an exceptionally talented person who gets it at the big picture and can drill down into the minutiae. He just published a very detailed post over on his blog about how NSX performs ARP suppression. It gives a good insight into what the controller does in Unicast mode and some great commands to troubleshoot. If you don’t follow him then please do!  

Improving image workflows

I put a lot of images into my blog or presentations. I do not like to be wordy. Sometimes I spend a lot of time cleaning them up and getting rid of backgrounds. Time to clean them up a faster way that will make the OCD in you happy. Take a source image like this Docker Whale for example. Bring it into OSX Keynote. Here we can use the instant alpha feature inside keynote. This lets you select a color and mask it out of the image. In this case, I select and drag the radius the color is sampled. It then highlights in an aquamarine color the areas it will mask. It is located under Format > Image > Instant Alpha Release the mouse and instantly the color is hidden. No more zooming in and erasing only to make a mistake and having to undo a whole section. Let … Continue reading

SPARK: NSX-mh Design Guide

Over on the community portal there has be a 4.2 release of the NSX-mh design guide. It gives administrators of NSX-mh an understanding into the design and configuration considerations around the latest version. It includes recommendations about virtual service nodes, gateways, ToR integration, OVSDB compatibility and more. It highlights the key differences between MH and V and speaks to its differentiators and shows how they can be used in a large NFV deployment. The link to this Design Guide can be found here.