vSphere 5 Video – Direct Console User Interface Access through SSH

This video will show you a new vSphere 5 feature which enables you to get access to the Direct Console User Interface (DCUI) through SSH instead of the ESXi physical console. Only users that are assigned the Administrator role can log in to the Direct Console User Interface (DCUI). To allow access to the direct console, add the user to the local administrators group.

Configure Lockdown Mode

To increase the security of your ESXi hosts, you can put them in lockdown mode. When you enable lockdown mode, no users other than vpxuser have authentication permissions, nor can they perform operations against the host directly. Lockdown mode forces all operations to be performed through vCenter Server.

When a host is in lockdown mode, you cannot run vSphere CLI commands from an administration server, from a script, or from vMA against the host. External software or management tools might not be able to retrieve or modify information from the ESXi host.



The root user is still authorized to log in to the direct console user interface when lockdown mode is enabled. Enabling or disabling lockdown mode affects which types of users are authorized to access host services, but it does not affect the availability of those services. In other words, if the ESXi Shell, SSH, or Direct Console User Interface (DCUI) services are enabled, they will continue to run whether or not the host is in lockdown mode.


Video – Enabling NetFlow on vSphere 5 Distributed Switches

NetFlow is a general networking tool with multiple uses, including network monitoring and profiling, billing, intrusion detection and prevention, networking forensics, and SOX compliance. NetFlow sends aggregated networking flow data to a third-party collector (an appliance or server). The collector and analyzer report on various information such as the current top flows consuming the most bandwidth in a particular virtual switch, which IP addresses are behaving irregularly, and the number of bytes a particular virtual machine has sent and received in the past 24 hours. NetFlow is a mature technology, developed by Cisco, that is widely supported by third-party collectors. NetFlow enables visibility into virtual machine traffic in a virtualized datacenter.


ManageEngine NetFlow Analyzer is a web-based bandwidth monitoring tool that collects NetFlow data exported from routing devices, and uses it to analyze and report on IP traffic across the network. With instant reports on top applications, protocols, conversations, and hosts, NetFlow Analyzer gives you valuable insight into bandwidth usage in your enterprise without the complexity and expense involved in a traditional WAN analysis setup.  


Video – How to setup a vSphere 5 Port Mirror

Port mirroring is the capability on a network switch to send a copy of network packets seen on a switch port to a network monitoring device connected to another switch port. Port mirroring is also referred to as Switch Port Analyzer (SPAN) on Cisco switches. In VMware vSphere 5.0, a Distributed Switch provides a similar port mirroring capability to that available on a physical network switch. After a port mirror session is configured with a destination—a virtual machine, a vmknic or an uplink port—the Distributed Switch copies packets to the destination. Port mirroring provides visibility into:

• Intrahost virtual machine traffic (virtual machine–to–virtual machine traffic on the same host)
• Interhost virtual machine traffic (virtual machine–to–virtual machine traffic on different hosts)

The port mirroring capability on a Distributed Switch is a valuable tool that helps network administrators in debugging network issues in a virtual infrastructure. The granular control over monitoring ingress, egress or all traffic of a port helps administrators fine-tune what traffic is sent for analysis.

Port mirror configuration can be done at the Distributed Switch level, where a network administrator can create a port mirror session by identifying the traffic source that needs monitoring and the traffic destination where the traffic will be mirrored. The traffic source can be any port with ingress, egress or all traffic selected. The traffic destination can be any virtual machine, vmknic or uplink port.