[Citrix] XenServer 7.0 released

0

XenServer 7 was released in May of 2016.  It was available in pre-release form under the project name of Dundee.  All new XenServer installations should be made using XenServer 7.

Microsoft Technology integration

Citrix has a long history of integrating with, and supporting Microsoft operating systems and infrastructure products, and XenServer 7 is no exception.

  • Automated Microsoft Windows VM driver management
    Do you administer a larger XenServer environment? We currently support up to 1000 VMs per host, and have customers running thousands of hosts, so when time comes to updating the Windows VMs’ XenTools, it can be quite a challenge. Even with smaller infrastructures, the process of updating many Windows VMs can be a headache, something we’ve heard loud and clear from our customers. Our solution? Automation.
    In XenServer 7, it is now possible to let Microsoft Update Services automatically install and/or update the Windows VM I/O drivers contained within those VMs, moving this once cumbersome process into the standard organizational framework for how their Windows machines are updated.
  • Microsoft Server Message Block (SMB) support
    Adding to the wide variety of host storage connectivity, XenServer 7 now includes SMB to enable IT admins to use Windows storage devices running SMB for their XenServer VM’s disks.
  • Docker containers in Windows Server 2016
    In May 2015, XenServer introduced Docker container management for Linux VMs, opening up visibility and management to IT admins, of the containers being used within their XenServer infrastructures. This year for XenServer 7, we are really excited to be supporting Docker containers on Microsoft Windows Server 2016 OS, rounding off our of Docker support across both Linux and Windows, the first and only commercial hypervisor to do so.
  • A new Microsoft System Center Operations Manager (SCOM) management pack is now integrated and licensed in XenServer 7. For customers wanting greater Microsoft SCOM management visibility, this ties in well across the Citrix stack.
  • The Microsoft Active Directory integration within XenServer has been improved, changing the underlying connectivity components, which increases the scalability to support large AD forests, whilst also increasing performance.
  • XenServer 7 includes templates for Microsoft Windows 10 and preview of Windows Server 2016.

Revolutionary Security

Infrastructure security is always a challenge, and whether it’s protection from viruses, malware or hackers, there are a variety of tools and methods used by security vendors to help businesses protect their IT infrastructures from the variety of tools and methods used by the people with malicious intent. A big challenge is how malware and hackers get around, disable, or hide themselves from existing security solutions.

If someone can leverage a software vulnerability to gain access to a system, they tend to work their way up the security chain, seeking to get the highest level of system privileges from where they can disable security software and do the most damage or gain access to the most sensitive data.

XenServer 7 is different.

Working closely with Bitdefender, Citrix is proud to announce XenServer Direct Inspect APIs, which allow integration from third party security software companies to leverage hypervisor memory introspection (HVMI). This uses a privileged security appliance (SVA), one per-host to inspect the memory of VMs running on the host. As introspection is happening from outside the guest VM, there are no agents required within the VMs, and as such, nothing for a virus, piece of malware or hacker to disable within the VM. Should anyone also hack into a VM OS, they would also only be able to see within the boundaries of that VM container, and be completely unaware that a host-based SVA could be monitoring and blocking their activity; we call this “better than physical” protection.

diagram-6

Security products based on virus or malware signatures protect you from known risks, however what about day-zero attacks? How do you protect yourself against something for which there is no known signature? Bitdefender’s integration goes beyond the standard signature checking, by examining the techniques used by viruses or malware rather than their signatures, enabling protection of systems against day-zero attacks.

This solution isn’t targeted at replacing all disk based scanning protection, as the Direct Inspect APIs feature is a memory based solution, yet it extends protection through either a kernel-mode or user-mode (for specific applications), providing protection against a variety of security threats, including existing security products from being disabled. As such it complements existing disk based protection solutions. Find out more from Bitdefender on this blog and data sheet.

Some papers:

More information: Citrix

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *