VWannabe

Author: javirodz

  • How to spin up a Linux instance in AWS

    How to spin up a Linux instance in AWS

    Amazon Web Services (AWS) has more than a thousand services, much of them are free to try and cost very little once you start paying. There are a few programs like pay as you go and reserve resources, in other words, it is incredibly convenient. In this post, I will provide a step by step guide on how to launch a Linux virtual machine and how to connect to it. First of all head to https://aws.amazon.com and create an account, if you don’t already have one, and click on the “Create an AWS Account” or “Create a Free Account” button.

     

    This slideshow requires JavaScript.

    Follow the wizard entering all the information like name, address, and email address. You’ll need a credit card to finish the registration, but don’t worry, as long as you use the Free Tier you’ll be ok. The following slideshow contains all the necessary steps to create an instance. Keep reading after the slideshow for more detailed instructions.

    This slideshow requires JavaScript.

    1. Click “Launch a virtual machine.”
    2. Click “Get started” on the left EC2 Instance.
    3. Type in a name like “MyLinuxInstance” and click “Use this name.”
    4. Click or leave the “Amazon Linux AMI” selected because this is available for the free tier.
    5. Select the “t2”, which is eligible for free tier, and click “Next.”
    6. Create a key pair. You can leave the default name, but it is imperative that you download it to your local computer because you will not be able to do it later.
    7. Click the “Create this instance” button, and wait for a few seconds.
    8. Click the “Proceed to the EC2 console” button.

    Depending on how many times you’ve done this you may land on a slightly different page. The trick here is to navigate to the EC2 dashboard and click the link to the Running Instances.

    Screenshot 2018-02-08 14.56.27

    Once there you can select the newly created instance. Take note of the public IP address because you’ll need this to connect to Linux virtual machine.

    Screenshot 2018-02-08 12.09.09.png

    If you are on a mac or another Linux, change the permission on the Key Pair file to 600 with the following command:

    chmod 600 MyLinuxInstance.pem

    The file name (MyLinuxInstance.pem) will depend on the name you chose for your Key Pair. Then connect like this:

    Screenshot 2018-02-08 12.00.44

    You can use the Public DNS or the Public IP, and I tested the permissions with 600, and it worked too. You’ll always use ec2-user as the user. In case you are using PuTTY for Windows, there is a short procedure that you need to take care of.

    This slideshow requires JavaScript.

    1. Start the application PuTTYgen (PuTTY Key Generator) that is installed with PuTTY. In case you don’t have PuTTY you can download it here.
    2. Leave the RSA and 2048 bits default values and hit the “load” button.
    3. Change the type of file to “All files” and select the Key Pair file and click “Ok” in the confirmation window.
    4. The click Save Private Key, also click Yes to the Pop-up warning, and select the folder where you want to save the key.

    Now go ahead and close the PuTTY Key generator and start PuTTY. The following slideshow contains the steps to create a new session using the key previously generated and saved by PuTTYGen.

    This slideshow requires JavaScript.

    1. Start PuTTY
    2. In the Host Name enter the Public DNS or the Public IP
    3. On the left Category pane expand Connection -> SSH -> Auth
    4. Select the previously generated Key File clicking the “Browse” button.
    5. Save your session and launch it. You may have to click “Yes” to accept the signature if this is the first time login in.

    And that is how you can land on a Linux Virtual Machine in less time than installing your own locally.

  • CCNA Cyber Ops – SECOPS 1.0

    CCNA Cyber Ops – SECOPS 1.0

    I started the study guide for the first part of this certification last year. You can check it out here. After some great feedback, I’ve decided to start the Study Guide for the second part of the certification, Implementing Cisco Cybersecurity Operations (SECOPS).  I also was accepted on cohort 7 for the scholarship. The scholarship is still available at the time of this post, and it can be accessed here. I will try to follow the blueprint as close as possible, but I will leave some topics for later in the year after I learned a little more about them.

    1.0 Endpoint Threat Analysis and Computer Forensics

    1.1 Interpret the output report of a malware analysis tool such as AMP Threat Grid and Cuckoo Sandbox.

    1.2 Describe these terms as they are defined in the Common Vulnerability Scoring System (CVSS 3.0):

    a. Attack Vector (AV): This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the Base score) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across the Internet is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater score. The list of possible values is presented in Figure 1.

    Figure 1: Attack Vector

    Screenshot 2018-01-02 11.55.38

     

    b. Attack Complexity (AC): This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. As described below, such conditions may require the collection of more information about the target, the presence of certain system configuration settings, or computational exceptions. Importantly, the assessment of this metric excludes any requirements for user interaction in order to exploit the vulnerability (such conditions are captured in the User Interaction metric). This metric value is largest for the least complex attacks. The list of possible values is presented in Figure 2.

    Figure 2: Attack Complexity

    Screenshot 2018-01-02 12.18.58

    c. Privileges Required (PR): This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability. This metric is greatest if no privileges are required. The list of possible values is presented in Figure 3.

    Figure 3: Privileges Required

    Screenshot 2018-01-02 12.13.05.png

    d. User interaction (UI): This metric captures the requirement for a user, other than the attacker, to participate in the successful compromise of the vulnerable component. This metric determines whether the vulnerability can be exploited solely at the will of the attacker, or whether a separate user (or user-initiated process) must participate in some manner. This metric value is greatest when no user interaction is required. The list of possible values is presented in Figure 4.

    Figure 4: User Interaction

    Screenshot 2018-01-02 12.23.42

    e. Scope (S): An important property captured by CVSS v3.0 is the ability for a vulnerability in one software component to impact resources beyond its means or privileges. This consequence is represented by the metric Authorization Scope, or simply Scope. Formally, Scope refers to the collection of privileges defined by a computing authority (e.g., an application, an operating system, or a sandbox environment) when granting access to computing resources (e.g., files, CPU, memory, etc.). These privileges are assigned based on some method of identification and authorization. In some cases, the authorization may be simple or loosely controlled based on predefined rules or standards. For example, in the case of Ethernet traffic sent to a network switch, the switch accepts traffic that arrives on its ports and is an authority that controls the traffic flow to other switch ports. When the vulnerability of a software component governed by one authorization scope can affect resources governed by another authorization scope, a Scope change has occurred. Intuitively, one may think of a scope change as breaking out of a sandbox, and an example would be a vulnerability in a virtual machine that enables an attacker to delete files on the host OS (perhaps even its own VM). In this example, there are two separate authorization authorities: one that defines and enforces privileges for the virtual machine and its users, and one that defines and enforces privileges for the host system within which the virtual machine runs. A scope change would not occur, for example, with a vulnerability in Microsoft Word that allows an attacker to compromise all system files of the host OS, because the same authority enforces privileges of the user’s instance of Word, and the host’s system files. The Base score is greater when a scope change has occurred. The list of possible values is presented in Figure 5.

    Figure 5: Scope

    Screenshot 2018-01-02 12.28.06

    1.3 Describe these terms as they are defined in the Common Vulnerability Scoring System (CVSS 3.0):

    a. Confidentiality Impact (C): This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones. The list of possible values is presented in Figure 6. This metric value increases with the degree of loss to the impacted component.

    Figure 6: Confidentiality Impact

    Screenshot 2018-01-02 12.38.24.png

    b. Integrity Impact (I): This metric measures the impact on the integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. The list of possible values is presented in Figure 7. This metric value increases with the consequence to the impacted component.

    Figure 7: Integrity Impact

    Screenshot 2018-01-02 12.39.55

    c. Availability Impact (A): This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the impacted component, this metric refers to the loss of availability of the impacted component itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of an impacted component. The list of possible values is presented in Figure 8. This metric value increases with the consequence to the impacted component.

    Figure 8: Availability Impact

    Screenshot 2018-01-02 12.43.23

    1.4 Define these items as they pertain to the Microsoft Windows file system

    a. FAT32: is an updated version of the FAT (File Allocation Table) file system created in 1977 by Microsoft. It is a computer file system architecture and a family of industry-standard file systems utilizing it. With FAT32 you’re limited to 2TB FAT32 partitions and 4GB maximum size files.

    b. NTFS (New Technology Files System): is a proprietary file system developed by Microsoft.

    c. Alternative data streams:Alternate Data Streams (ADS) is a file attribute only found on the NTFS file system. You’ll need a tool like streams to view this data. Here is an example.

    d. MACE: NTFS keeps track of lots of time stamps. Each file has a time stamp for ‘Create’, ‘Modify’, ‘Access’, and ‘Entry Modified’. The latter refers to the time when the MFT entry itself was modified. These four values are commonly abbreviated as the ‘MACE’ values. Note that other attributes in each MFT record may also contain timestamps that are of forensic value.

    1. MFT (Master File Table): The NTFS file system contains a file called the master file table, or MFT. There is at least one entry in the MFT for every file on an NTFS file system volume, including the MFT itself. All information about a file, including its size, time and date stamps, permissions, and data content, is stored either in MFT entries, or in space outside the MFT that is described by MFT entries.

    e. EFI: The EFI system partition (ESP) is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers adhering to the Unified Extensible Firmware Interface (UEFI).

    1. 1. UEFI: The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware.

    f. Free space: See File system, it refers to the unallocated space in a file system.

    g. Timestamps on a file system: File properties in regards of date and time.

    1.5 Define these terms as they pertain to the Linux file system

    a. EXT4: The ext4 or fourth extended filesystem is a journaling file system for Linux, developed as the successor to ext3.

    b. Journaling: A journaling file system is a file system that keeps track of changes not yet committed to the file system’s main part by recording the intentions of such changes in a data structure known as a “journal”, which is usually a circular log.

    c. Master Boot Record (MBR): is a special type of boot sector at the very beginning of partitioned computer mass storage devices like fixed disks or removable drives intended for use with IBM PC-compatible systems and beyond. The MBR holds the information on how the logical partitions, containing file systems, are organized on that medium. The MBR also contains executable code to function as a loader for the installed operating system—usually by passing control over to the loader’s second stage, or in conjunction with each partition’s volume boot record (VBR). This MBR code is usually referred to as a boot loader.

    d. Swap filesystem: Swap space in Linux is used when the amount of physical memory (RAM) is full. If the system needs more memory resources and the RAM is full, inactive pages in memory are moved to the swap space. While swap space can help machines with a small amount of RAM, it should not be considered a replacement for more RAM. Swap space is located on hard drives, which have a slower access time than physical memory.

    e. MAC: In cryptography, a message authentication code (MAC), sometimes known as a tag, is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. The MAC value protects both a message’s data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.

    1.6 Compare and contrast three types of evidence

    a. Best evidence: Original, unaltered evidence. In court, this is preferred over secondary evidence.The best evidence rule is a legal principle that holds an original copy of a document as superior evidence.

    b. Corroborative evidence: (or corroboration) is evidence that supports a proposition already supported by initial evidence, therefore confirming the original proposition.

    c. Indirect Evidence (Circumstantial): Circumstantial evidence is evidence that relies on an inference to connect it to a conclusion of fact—like a fingerprint at the scene of a crime. By contrast, direct evidence supports the truth of an assertion directly—i.e., without need for any additional evidence or inference.

    1.7 Compare and contrast two types of image (both refer to Integrity, see above)

    a. Altered disk image: A system image with a compromised integrity.

    b. Unaltered disk image: An image that has not been tampered with and that will provide the same result as the original when applied a hash algorithm like MD5.

    1.8 Describe the role of attribution (“action of bestowing or assigning”) in an investigation. (Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit). This  a nice read on the problem of attribution.

    a. Assets: In information security, computer security and network security, an asset is any data, device, or other component of the environment that supports information-related activities.

    b. Threat actor: Responsible for the cyberattack.

    In future posts I will try to cover the following topics:

    • Network Intrusion Analysis
    • Incident Response
    • Data and Event Analysis
    • Incident Handling
  • Hacking Public Speaking

    Hacking Public Speaking

    This morning I am crashing down on a bean bag to listen to a few tricks from newbies and seasoned public speakers alike on how to master this skill. Thanks to Ariel Sanchez (@arielsanchezmor ), Thom Greene (@tbgree00), Edward Haletky (@Texiwill), and Simon Long (@SimonLong_ ) for this excellent talk.

    1. Create a mind map, and plan your flow of the presentation. If you present something you love, it comes easier.
    2. If you are a mumbler or is not your first language, try to speak slower.
    3. Pick a topic that you feel comfortable with and that you know pretty well.
    4. Practice or rehearse,  you don’t have to wait for an opportunity to speak in public to start preparing, if you know you love something you’ll eventually present about it.
    5. Be realistic, sometimes there are questions you don’t know the answer to, don’t try to BS about,  answer: “I don’t know, but I will found out, and I will get back to you.” But do follow up, at the end of the talk collect the contact information of the person to be able to deliver the answer.
    6. Know yourself, some people are comfortable with being thrown into the cold water, others need to dip the toes. For example, talk to people before the session starts, or maybe have a ritual of something that you normally do to ease yourself.
    7. Don’t stand in front of everyone waiting for the presentation to start.
    8. Have confidence that the audience is there because they want to listen to what you are presenting and that you are the SME on that topic.
    9. Make eye contact to get a feeling how the material is getting absorved. If you see that people are wondering, then you could change your strategy a little bit, this is why is really important to know the material by heart.
    10. Record yourself practicing the presentation and post it on youtube, or at least record it with the idea in mind that it will be published.
    11. Have some friends be there, and ask for pictures while you are presenting to celebrate afterwards. That though will pump you.
    12. Give yourself time to prepare and to be able to share your presentation and content with friends to receive feedback with enough time to make corrections.
    13. Have the talk ready in full with a few days of buffer, prepare something that you can use as it is, but then you can keep tuning up to the last moment.
    14. Start preaparing as early as you can so you don’t get into a timing problem.
    15. Support from family, co-workers, and friends helps a lot.
    16. To get used to your voice, record yourself and listen to it as many times as you need to.
    17. If you are presenting a demo, expect that it will go wrong and have a video as backup.
    18. Don’t plan jokes, things will happen that will make you look funny anyway, smile a lot tho.
    19. Nerves will be present, develop strategies to cope with it.
  • VMworld 2017 General Session Day Two

    VMworld 2017 General Session Day Two

    Day one at VMworld 2017 was huge, exciting announcements about VMWare on AWS and ubiquitous security via the NSX framework and AppDefense. Day two is action-packed. Michael Dell joins Pat Gelsinger on stage for this second-day general session. The digital transformation is the main topic around all the sessions, Michael Dell talks about how easy is to make smart gadgets and that it is all connected. The fuel for these engines is the data, without it even the best algorithms are useless.
    Dell talks about how the drivers of the economy are small, medium and emerging business by employing most the workforce, and how VMware serves that market with a complete technology ecosystem.
    The market is seeing growth with next generation applications and containers.  Pivotal Cloud Foundry works together to shorten the gap between the IT people and the cool developer using the latest technologies, to make it happen, Rob, Pat and Mike announced Pivotal Container Services (PKS). Based on Kubernetes, it will allow customers to build scalable apps that can go from development to the real world in less time. Read more about it here.
    VMware proposes a consistent environment across all platforms, in an entirely secure environment. The office of the CTO goes ahead and presents a demo of a complete suite of VMware Cloud products for the Elastic Sky Pizza hypothetical company. It is all focused-on simplicity, scalability, speed, automation, and security.
    2017-08-29 09.37.58
    They provide a demo of the Pivotal Container Services to setup a platform for developers, and it only takes a few minutes on a single pane of glass. VMWare cloud services, built in the cloud and for the cloud. A technical preview of the automation services provides a visual representation of the system. You could provision this blueprint to any cloud.
    Networking and Security are the main challenges for any cloud deployment. With NSX Cloud we can manage and deploy services via policies maintaining a consistent experience across all stages.

    2017-08-29 09.58.37
    Wavefront by VMWare is a real-time metric, alerting and analytics platform that will help the developers identify and pinpoint the root cause of problems in applications deviating from normal behavior. This offering complements the suite that goes from the physical infrastructure all the way to the support of the application.
    How does VMware’s future look? Pulse IoT Center will help manage sensors and objects that are connected. With function as a service AI algorithms can observe and act on the system providing immediate response to different needs or patterns.

    2017-08-29 10.13.26Moving the functions to the data and not the other way around, bring the public cloud the edge of your on-prem DC.

    2017-08-29 10.16.01
    In my opinion, we are witnessing the evolving of multiple clouds to just one. It will not be private, public, or hybrid; it will be one cloud on any device used by any app.

     

  • VMWorld 2017 End of Day One – What Now?

    The first day is almost closing, great sessions, thousands of VMs and Hands on Labs, vBreakfast, vLunch, vBeers. Reunited with old friends, made some new ones. In summary, an awesome day and this is only the beginning! Where do we go from here? I mean that literally, don’t even think that I am going to solve your cloud migration problems right now. Tonight there are several activities, for most of them you will need a reservation or sponsor, but I guess you always know someone that knows someone, right? (except for the Mayweather bout) Here is a list to a few of the networking opportunities:

    1. IGEL, Login VSI & Nutanix Exclusive Happy Hour
    2. Dell/VMware/NVIDIA Channel Partner Dinner at Seafood at Mandalay Bay.
    3. VMware Latin America reception

    I will see you all tomorrow walking around, collecting swag and learning everything I can. ENJOY!

  • VMworld 2017 Day One General Session

    VMworld 2017 Day One General Session

    This morning we woke to a couple of announcements from VMWare, first VMware on AWS is available on a By-The-Hour basis and also the new AppDefense security offering. At the main session, Pat welcomes a crowd of 20k+ participants and takes a minute to ask for help in any way to the victims of Hurricane Harvey. Every day across everything we do, touch, and see technology is changing the way we experience our surroundings. Changes in technology aim to create higher value jobs, not about bringing old jobs back. VMware’s vision of any device, any application, any cloud spans across all aspects of our life is now more pertinent with things like IoT, and it tries to get the users and apps closer and closer by delivering those apps in a simple but secure way. When listening to Capital One

    By listening to Capital One, we can confirm that most companies now technology companies. That their business could be banking, food or marketing, but every company has to be a technology company to be able to reach the users in more efficient ways.  From VMware’s https://cloud.vmware.com/vmc-aws we get what is VMware Cloud on AWS: “VMware Cloud on AWS is an on-demand service that enables you to run applications across vSphere-based cloud environments with access to a broad range of AWS services.” Some of the use cases for this new offering are:

    1. Test and Development: without a massive capital investment you can start working in little time on new projects.
    2. Migrate applications on-prem to off-prem and back, use this to grow only when needed and pay only for that time.

    The pricing at this stage is as On Demand and pay only for what you use, later more offerings will be available.

    The new security offering, AppDefense, is based on the NSX software defined networking platform. A new approach is needed to protect the apps and data. AppDefense is application focused, and it will identify and capture the behavior of the application, in this way it will be able to determine problems with it. After detecting anomalies, it will also be able to take actions (automated) depending on what is happening. This process is called “Capture Good”. One neat topic that came up is Cyber Hygiene. VMware published a new paper on it, and these are what VMware calls the five pillars:

    1. Least Privilege
    2. Micro-Segmentation
    3. Encryption
    4. Multi-Factor Authentication
    5. Patching

     

    2017-08-28 10.01.25
    Pat Gelsinger and Cyber Hygiene

     

    You can find the paper here.

    NSX is the key that glues it all together. I’ve been coming to VMworld for three years now, and every year I meet more and more people with NSX as part of their environments. It all answers to the need of agility and rapid growth. I’ve heard this too many times now: go fast or it will pass by you.

     

  • Assessment Led Selling

    Assessment Led Selling

    One on the most important gains at VMware Partner Exchange is learning how to approach a client to help them achieve their goals and solve their problems. We all know that we should lead with a solution and not a product, but to design the right solution we need a good understanding of their environment and a clear view of the need. With an assessment of the customer’s environment, we will have a better view of their system and may even find things that they are not aware of.

    Leading the sales with an assessment means using tools, health checks, observations, and interviews to enable the sale of a solution.

    Let me summarize why we should lead with an assessment.

    1. Shortens the sales cycle by removing the objections to the solution that the client may think will not apply to their environment.
    2. Increase your value as a trusted advisor by providing insight into the customer’s system that sometimes not even themselves know about.
    3. Demonstrate the value of the solution with actual data and not just hypothetical cases.
    4. Quantifies the benefits of the solution and amplifies the potential deal size.

    Two examples of assessments that I use are:

    It is important that the process is one in which all stakeholders are part of the assessment. The technical operations personnel will provide the devices and will facilitate the installation, and all executive level people will provide the budget.

     

  • vExpert, VMworld, and I

    vExpert, VMworld, and I

    VMworld 2017 here we go! I am so happy to be back this year, flying in on Friday this time to sit on the PEX Workshops. I am refreshing all my NSX knowledge this Saturday.

    As a technology enthusiast, I like to write about what I do, the things I design, implement and especially those problems that I find and that there is no official documentation on how to solve them.
    Here I have a few study guides, some tricks of the trade and from time to time I share my opinion on current topics. When I learned that VMware had a program called VMware vExpert, I decided to apply. This program helps me sharing my knowledge and multiplies my effort in contributing back to the community.

    The VMware community is something special; you can request assistance from a lot of great engineers out there. There is a certain camaraderie among all the users, vExperts, employees and everyone that in some form is related to VMware that feed the community and brings it all together. One of my favorites is the vBrownBag (https://vbrownbag.com/) community that meets weekly and is a great contributor during VMworld each year.

    For me, VMworld provides a stage to grow as a professional. Each year I select the sessions that will provide me and ABS the most advantage taking into consideration our current client base, my knowledge gaps and what we think is the direction and possible adoption of new technology.

    The VMware vExpert program supports the community by providing access to the software via evaluation licenses. It helps with private channels and forums, and honestly, it is cool to have a group that gives you the feeling that you belong and that you are giving something back. The program provides a lot of training not only about VMware products but also about the integration with everything the different companies use every day on to of their vSphere environment.

    To apply to be a vExpert the most notable feat is to have a hunger for learning and sharing. If you feel awesome when you write a blog about the things that you do then in your heart you are good prospects.

  • Top vBlog 2017!

    Top vBlog 2017!

    It is voting time! Eric Siebert (find him at vSphereland) has this annual vBlog survey and for the first time, my site is listed this year. If you think that my blog has benefitted you (even to help you go to sleep) please take a minute to cast your vote. Find vWannabe.com (Javier Rodriguez) in the Top 50 and Top Independent categories. Thanks!

    vote-button1-300x298

  • VMworld 2017

    VMworld 2017

    Here we go again, is that time of the year when thousands of IT wizards get together in one of the most intense conferences about virtualization, cloud and all the technologies that are shaping our world. You still have time to register: VMworld 2017. I wanted to write a quick few lines to help you get the most out of this event. In my experience, this is a great opportunity to grow as a professional and enjoy everything Las Vegas has to offer.

    Tip #1: Partner Workshops

    If you work for a partner and you are planning on participating in both the general conference and the partner activities, then plan to arrive on Friday. The cost of the flight is even less than arriving Saturday or Sunday and the hotel is so inexpensive that it’s worth it. By arriving Friday you’ll have the opportunity to participate in one of the forty partner workshops offered during Saturday.

    Tip#2: Engage the Experts

    There will be several opportunities to get one on one with VMware employees that work on a daily basis with different technologies like EUC, Automation, Software Defined, you name it. Make the most out of this time, it is like free money! The time spent here will benefit your solutions and plans for your IT department and organization.

    Tip#3: Hands on Labs

    If you don’t participate on these it would be like visiting Universal Studios, FL and not going into the Harry Potter rides. The trick with these is to schedule your labs and workshops the day the registration opens because the available seats are limited. In any case, don’t give up and go get signed on the waiting lists when you get there because some people like to drink and gamble too much and never show up.

    Tip#4: Plan your sessions

    There is so much to learn that it can be overwhelming. Take time to schedule the sessions base on your technical level and interests. Pay attention to the more prominent presenters, like Duncan, because these sessions fill really fast.

    Tip#5: Solutions Exchange

    Bring one extra duffle bag to take back home all the goodies. There are a lot of prices, some are really nice like the raspberry pie I got last year from Datrium.

    Tip#6: Don’t Worry about the food

    There is food everywhere and the scheduled meals are awesome.

    Tip#7: Let the party start!

    In my opinion, VEAM has a great party and make sure you don’t miss the VMware’s customer appreciation event. If you are a vExpert please stop by the reception to meet VMware’s CEO and other important leaders. Remember to work out your social schedule, there is a lot going on at night.

    Tip#8: Enjoy!