Solved

How to harden Windows 2008 R2 Virtual Machine ?

Posted on 2014-11-28
10
191 Views
Last Modified: 2014-12-02
Dear Experts,

One of our servers with Windows 2008 R2 Enterprise Edition runs on VmWare as a Virtual Machine. This server is an application server and connects to hundreds of systems transferring large amounts of data over network with FTP and Oracle SQLLOADER. We provided the best network environment by means of RAM, bandwidth, etc. However sometimes we face to bottlenecks.

Could you please provide me advanced tips and techniques to harden this server which has heavy network load?

BR
0
Comment
Question by:GurcanK
  • 4
  • 3
  • 3
10 Comments
 
LVL 120

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 200 total points
ID: 40471491
I assume this is Windows Security Hardening ?

Turn on WIndows Firewall, and create rules for all your servers, you need to transfer data to and from.

There is a good guide here and list

https://wikis.utexas.edu/display/ISO/Windows+2008R2+Server+Hardening+Checklist

and Microsofts Baseline Guide here

http://technet.microsoft.com/en-us/library/cc526440.aspx
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 300 total points
ID: 40471551
Sounds more like the need for performance monitoring to find bottlenecks.
"However sometimes we face to bottlenecks" - if you did face those, you should be able to describe them, I think.
-what was the bottleneck, when did it happen, how often does that happen?
->present process names, numbers (RAM load/storage load/network load)
->describe symptoms (what is expected vs. what is experienced) combined with numbers ("should take 5 seconds, but does take a minute", for example).
0
 

Author Comment

by:GurcanK
ID: 40471612
This is performance bootleneck. Sometimes FTP connections wait till timeout, or SQLLOADER waits forever.
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 300 total points
ID: 40471620
You offer no entry points yet. How could you expect profound help with so little information? :-)
->if it normally works, but only sometimes is slow/sometimes times out, you have to analyze and describe the surroundings in that error state as closely as possible.
Monitor the load (hard drive/CPU/RAM) in the error state - anything special to see?
Monitor the system with procmon - anything special happening during errors?
0
 
LVL 120
ID: 40471625
Are you using VMware vSphere (ESXi) to host the VM ?
0
 

Author Comment

by:GurcanK
ID: 40471690
Yes I'm using VMWare vSphere ESXi Host.
0
 

Author Comment

by:GurcanK
ID: 40471693
I examined Performance of server via CPU and Memory usage. Memory is in average %30 and CPU usage in average %88.
0
 
LVL 120

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 200 total points
ID: 40471716
Okay, if you are using the E1000 interface for your VMs, this is WRONG!

and you need to replace it with the VMXNET3 interface, which is supported, and you must have VMware Tools installed.

This is a fully virtualised NIC, unlike the E1000 which is a legacy emulation designed for installation only in the OS.

There is also a tuning exercise you must also go through for the VMXNET3.

So do you have the E1000 installed ?
0
 

Author Comment

by:GurcanK
ID: 40471723
Yes it is E1000. This is good point. Thanks.
0
 
LVL 54

Accepted Solution

by:
McKnife earned 300 total points
ID: 40472395
Another thing: "CPU usage in average %88" - you mean on average, really? That's high. And how is it when the errors occur? Did you try to add another virtual CPU, yet?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Is your company's data protection keeping pace with virtualization? Here are 7 dynamic ways to adapt to rapid breakthroughs in technology.
Shell script to create broker configuration file using current broker Configuration, solely for purpose of backup on Linux. Script may need to be modified depending on OS-installation. Please deploy and verify the script in a test environment.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question