Bob Plankers

Bob Plankers has spent three decades leading teams that think about how to design, build, operate, and automate reliable & secure IT infrastructure, as an end user, technical marketer, and a product manager. He currently focuses on applied security, compliance, and operational resilience within the VMware vSphere and VMware Cloud Foundation platforms at Broadcom. He can often be found talking about his experiences on stage, in person, and even sometimes on YouTube, in his authentic, humorous manner. Outside of work he can be found hanging around with his family, watering his garden, feeding pellets to his smoker, teaching his AIs new tricks, or at the Stoughton Conservation Club where he serves on its board of directors.

Information Security Concepts

by

Understanding information security concepts not only enables efficient communication within organizations but also promotes understanding among different groups. Moreover, these information security concepts improve system design by highlighting areas of consideration. Authentication Authentication, a fundamental information security concept, proves that a person or application is genuine, thereby verifying their identity. It employs one or more of three primary methods, or factors: what you know, what you are, and what you have. “What you know” encompasses passwords, personal identification numbers (PINs), passphrases, and other secrets. However, this type of authentication is not strong on its own and is typically paired with another authentication factor. “What you are” involves biometric authentication methods, …

Read More

What is Zero Trust?

by

Zero Trust means “trust no device and trust no user.” It constantly re-evaluates access for every user and system. All devices and user identities undergo continuous multifactor verification. This approach enhances security by minimizing the attack surface and reducing the impact of potential breaches. Zero Trust acknowledges that threats can originate from both inside and outside the network perimeter. Infrastructure services often differ because they must run and connect when no other services are available. Infrastructure software like VMware vSphere uses features such as Secure Boot, Trusted Platform Modules, VIB signing and verification, and host attestation. These features build assurances that the infrastructure can be trusted in its current configuration. …

Read More

What is Ransomware?

by
Midjourney AI rendition of what cybersecurity and ransomware is, with a silhouette of a person in the middle of a lot of colored, blocky paint smears

Ransomware is malware that denies access to an organization’s data, typically by encrypting it with a key known only to the attacker. Organizations cannot patch or defend against ransomware in a single way. All attacks are different but it usually represents the final stage of a complex attack by an ecosystem of criminals who methodically infiltrate and seize an organization’s electronic assets. Their goals include holding these assets for ransom, stealing intellectual property, and extorting both the primary victim and their customers. Infection Vectors Malware often enters through malicious downloads, email links, advertisements, phishing attacks, social network messages, and websites. Recently, aggressive worms have spread ransomware using unpatched vulnerabilities and …

Read More

VMware vSphere Patching Best Practices

by
Midjourney AI depiction of a metamorphosis and change, a painting of hundreds of butterflies fluttering in blue, orange, red, and yellow

Patching and updating VMware vSphere 8 is a LOT easier than it used to be, and has a lot less risk with the advent of vCenter Reduced Downtime Update and the creation of an internal LVM snapshot on the VCSA. That said, this is a collection of some VMware vSphere “patching best practices” that tend to make patching a smoother and more successful experience. Some of these ideas seem obvious, but in large environments things change without proper communications to downstream teams. When you assume nothing, and verify things before proceeding, you have a much more successful experience. Preparation Ensure Access to VCSA Root and SSO Administrator Accounts Ensure that …

Read More

Create a VM Template for Rocky Linux 9

by
Midjourney rendering of Linux VM Templates

It’s fairly easy, but not entirely straightforward, to create a good Linux VM template on VMware vSphere. You’ve come to the right place, though! Let’s walk through all the steps needed to create a reliable, small, and secure VM template on VMware vSphere and VMware Cloud Foundation using Rocky Linux 9. Create a New VM First, we need a fresh VM. Make new VM the latest virtual hardware version you can. See “Upgrade VM Hardware Versions” for more discussion on this. Choose the right operating system. In this case, Rocky Linux is in the list. Alternately, you could choose Red Hat Enterprise Linux 9 for EL-family Linux distributions. I create …

Read More

Upgrade VM Hardware Versions

by

There are varying opinions within the greater VMware community about upgrading VM hardware versions. Newer virtual machine hardware versions introduce new features, new guest OS support, better compatibility and performance with CPU vulnerability mitigations, better support for modern CPU features, better security defaults, and so on. Upgrading virtual machine hardware changes the virtual hardware presented to the guest operating system, just as if you placed a boot device from a physical server into a newer physical server. These changes can vary in risk, may require more than one reboot, and may require human interaction to complete. This forms the basis for many of the opinions that recommend leaving VM hardware …

Read More

What is Access Control?

by
Midjourney depiction of access control

Access control is a fundamental concept in cybersecurity that revolves around managing and restricting access to sensitive resources within an organization’s network. It is a critical component of any comprehensive security strategy, as it helps prevent unauthorized access, protect confidential data, and ensure that only authorized individuals can perform specific actions or access particular systems. At its core, access control is based on the principle of least privilege, which states that users should be granted the minimum level of access required to perform their job functions effectively. This approach minimizes the potential damage that can be caused by accidental or malicious misuse of privileges. Types of Access Control Models There …

Read More

What is a Keylogger or Keystroke Logger?

by
Midjourney representation of the question "What is a Keylogger?"

A keylogger, also known as a keystroke logger, is a type of software or hardware device that records every keystroke made on a computer keyboard. It captures all the text typed by the user, including sensitive information such as passwords, credit card numbers, and private conversations. Software Keyloggers Software-based keyloggers are the most common type. They are installed on the target computer, often through malware or phishing attacks. Once active, they run in the background, secretly logging keystrokes and sending the collected data to the attacker. Some advanced keyloggers can even capture screenshots and record clipboard content. Hardware Keyloggers Hardware keyloggers are physical devices that are attached between the keyboard …

Read More

What is Virtualization?

by
Midjourney rendition of the question "What is virtualization?"

At its core, virtualization is a technology that allows you to create multiple virtual environments on a single physical machine. These virtual environments, called virtual machines (VMs), act as independent computers with their own operating systems, applications, and resources, even though they share the same underlying hardware. Imagine you have a powerful server with ample CPU, memory, and storage capacity. Instead of dedicating the entire server to a single operating system and application, you can use virtualization software, known as a hypervisor, to create multiple VMs on that server. Each VM runs its own operating system and applications, isolated from other VMs on the same physical machine. Types of Virtualization …

Read More

What is an Inode?

by
An image generated by Midjourney depicting people with hats looking at a skyline, connected with wires, with blobs in them that could be inodes

An inode, short for “index node,” is a data structure used by Linux filesystems to store metadata about a file or directory. Each file and directory in a Linux or UNIX filesystem is associated with a unique inode number. The inode contains essential information about the file or directory, such as: It’s important to note that the inode itself does not contain the file’s name or the actual data. Instead, it serves as a reference point for accessing the file’s metadata and locating its data on the disk. Inode Structure and Limits Each filesystem has a fixed number of inodes, which is determined when the filesystem is created. The number …

Read More

+ More Posts +