VIRTUAL DESKTOP STRATEGIES

Tailscale SSH Now in Beta for Simple and Secure Remote Connections

Tailscale | June 27, 2022

Tailscale
Tailscale has released Tailscale SSH to beta, which makes authentication and authorization trustworthy and effortless by replacing SSH keys with the Tailscale identity of any machine. With Tailscale, each server and user device gets its own identity and node key for authenticating and encrypting the Tailscale network connection, and uses access control lists defined in code for authorizing connections, making it a natural extension for Tailscale to now manage access for SSH connections in your network.

“SSH is an everyday tool for developers, but managing SSH keys for a server isn’t so simple or secure, SSH keys are difficult to protect and time consuming to manage. Protecting your network connections with SSH keys requires that admins spend significant resources managing, provisioning, or deprovisioning user access. Tailscale SSH removes the pain from SSH key management with the same powerful simplicity Tailscale offers for virtual private networks.”

Tailscale Product Manager Maya Kaczorowski

Kris Nóva, Senior Principal Engineer and published distributed systems expert used Tailscale to create a private network between her homelab in New York and a datacenter in Iceland: “Tailscale is seriously the best user experience of my life. I ran a Kubernetes 1.24 cluster on Tailscale with eBPF CNI networking on top of a tailnet, which connects my private subnet at home, across the Arctic ocean to a private subnet in a volcano-powered datacenter in Iceland. It blew my mind how easy and powerful it was to use. I’m excited to use their new SSH feature.”

With Tailscale SSH, users can now securely code from their iPad running Tailscale, across operating systems to a Linux workstation, without having to figure out how to get their SSH private key onto their iPad. Enterprise Tailscale customers will reduce churn and resources on SSH key management or bastion jump boxes, and avoid risk of exposing memory unsafe servers to the open internet. The beta release gives all users:
  • Authentication and encryption: Authenticate, authorize, and encrypt SSH connections using Tailscale. No need to generate, distribute, and manage SSH keys.
  • SSO and MFA: Use existing identity providers and multi-factor authentication to protect SSH connections the same way you authorize and protect application access.
  • Built-in key rotation: Tailscale makes it simple to rotate keys with a single command and manages key distribution. Node keys can be rotated by re-authenticating the device, as frequently as every day.
  • Re-verify SSH connections: Tailscale works with existing identity providers and re-verifies before SSH connections are established, and gives users the option to re-authenticate when establishing high-risk SSH connections.
  • Revoke SSH access easily: When an employee offboards, Tailscale allows admins to revoke access to SSH to a machine almost instantaneously with Tailscale ACLs.
  • Manage permissions as code: Define connections to devices using a standard syntax and understand SSH access controls in a centralized configuration file.
  • Reduced latency with point-to-point connections: Connect directly from a device to a server, without having to hairpin through a bastion. Developers can connect wherever they work, without slowing them down by routing their traffic through the main office.
  • Add a user or server painlessly: Maintain users and servers in a network without adding complexity. Tailscale ACLs to give the right people access and add it to a team's known hosts.

Tailscale makes network security accessible to teams of any scale and gives developers and DevOps teams the ability to connect to resources easily and securely in the cloud, on-premises, and everywhere in between. Tailscale uses the WireGuard® protocol, the open source, opinionated standard for secure connectivity. It is set up and configured in a matter of minutes on average, while other VPN solutions take weeks to fully implement and several hours a week to maintain.

About Tailscale
Tailscale builds software that makes it easy to interconnect and secure devices, no matter where they are. Every day, banks and multinational companies use Tailscale to protect their corporate networks. Homelabs and start-ups trust Tailscale to collaborate and share access to tooling. We're building a future for the Internet that's easy, small and safe, like it used to be. Founded in 2019 and fully distributed, we’re backed by Accel, CRV, Heavybit, Insight Partners, and Uncork Capital.

Spotlight

Some people prefer Hypo-V. But Doug Bassett, StormWind instructor and Sybex author, prefers Hyper-V for all his virtualization needs. Virtualization takes place on the same hardware platform after installing specific software - hypervisor. The hypervisor is an additional layer between physical and virtual spheres; it manages the system's hardware resources so they are distributed efficiently among virtual machines (VMs).


Other News
BACKUP AND DISASTER RECOVERY

Storagepipe Named Veeam Cloud & Service Provider Partner of the Year for Canada

Storagepipe | May 18, 2022

Storagepipe, a leader in backup, disaster recovery and cybersecurity services, proudly announces it has been selected as the 2021 Veeam Cloud and Service Provider Partner of the Year, Canada by Veeam® Software, the leader in backup, recovery and data management solutions that deliver Modern Data Protection. These annual awards recognize North America Veeam ProPartners and Veeam Cloud & Service Provider (VCSP) partners who have not only demonstrated success in providing Veeam solutions to their customers, but who have also provided first-class support, expert knowledge, continued product education, and a true Veeam strategy incorporated into their business. Storagepipe was recognized as Veeam Cloud and Service Provider Partner of the Year, Canada for demonstrating the best overall performance in areas of consistent revenue growth, collaboration with Veeam and proactive selling, and promoting Veeam solutions and adjacent technologies in Canada. "We are excited to celebrate and honor Storagepipe as the Veeam Cloud and Service Provider Partner of the Year, Canada. Storagepipe is an ideal Veeam partner, leveraging the Veeam program and resources to build and deliver reliable, revenue-generating Backup as a Service (BaaS) and Disaster Recovery as a Service (DRaaS) offerings. We congratulate Storagepipe on this award and look forward to even greater success in 2022." Matt Kalmenson, vice president of Americas Cloud at Veeam. The Storagepipe team is thrilled to receive this continued recognition from Veeam as one of North America's strongest Veeam Platinum Cloud Service Providers, and Veeam's 2021 VCSP of the year for Canada," said Steven Rodin, CEO of Storagepipe. "We continue to strengthen our market-leading position by enhancing our Veeam services and delivering exceptional and responsive solutions that center on our customers' success. We are honoured that our commitment to building deep technical expertise and expanding the breadth of our Backup, Disaster Recovery, and Cloud service offerings for small, mid-sized and enterprise customers has been recognized with this Veeam Impact Award." Storagepipe's successful collaboration with Veeam has enabled multiple cloud services including Veeam Cloud Connect, Veeam Managed Appliances for VMware and Hyper-V, Veeam Backup for Microsoft 365, and Veeam Replication for Disaster Recovery as a Service (DRaaS). Storagepipe is dedicated to continuing to build on this success through innovation and delivering world-class customer experiences into 2022 and beyond.

Read More

DESKTOP

IPVanish Announces Commitment to Privacy Amidst Indian Data Legislation

IPVanish | June 20, 2022

IPVanish, a no-log VPN provider, has released its formal response to impending internet surveillance and data retention legislation in India. In a blog post published on June 7, IPVanish stated that they will not compromise on their no-logs policy despite this new directive demanding logs from VPN providers. According to this new legislation, VPN providers would be required to collect certain customer data and may need to provide that information to Indian authorities. While the directive is not set to go into effect until later this month, IPVanish remains firm in its stance on protecting its customers’ privacy and will continue operating its Indian servers for the time being. Should the directive be enforced, IPVanish has stated that they will continue to prioritize their consumers' privacy and will take any required action, including shutting down physical servers in India to comply with the Indian government's directive. “Privacy will never be something we sacrifice, While we will remain watchful of this impending legislation in India, IPVanish is standing firmly by our zero traffic logs policy, and is prepared to take proper action should the law go into effect.” Subbu Sthanu, VP of Strategy & Product Management at IPVanish In April, IPVanish had its technology and no-log VPN privacy practices audited and certified by a respected independent third-party cybersecurity consulting firm. The IPVanish VPN service delivers: Secure access to the fastest VPN in the world End-to-end network encryption and data protection User-friendly apps for macOS, Windows, iOS, Android, and Amazon Fire TV A verified no-logs policy 24/7 customer support About IPVanish: IPVanish is a worldwide online privacy and freedom advocate. Providing secure access to shared IPs and servers in 75+ locations, IPVanish consistently tests as the fastest VPN service globally, while maintaining industry-best security, reliability, and privacy protection standards.

Read More

CLOUD

Cloud Foundry Launches New Platform to Simplify Kubernetes Developer Experience

Cloud Foundry | May 17, 2022

Cloud Foundry Foundation today announced Korifi, the beta release of a new Platform-as-a-Service (PaaS) that eases much of the complexity inherent to Kubernetes, to vastly improve the application deployment experience. The Kubernetes experience has been complex for operators and developers alike, Korifi harnesses the developer-centric experience of Cloud Foundry to deliver a Cloud Foundry-compatible application platform running on Kubernetes. "As Kubernetes has matured, our community has built several Cloud Foundry abstractions to reduce Kubernetes complexities," said Chris Clark, program manager of Cloud Foundry Foundation. "The proven Cloud Foundry developer experience already saves organizations millions of dollars by maximizing developer productivity. With Korifi, we're building on a new architecture learned from previous iterations like cf-for-k8s and KubeCF. Korifi brings greater interoperability with cloud-native technologies, bringing the ease and simplicity of the Cloud Foundry app developer experience to Kubernetes." Korifi's fully open-source code base and community-driven approach ensures that adopters get complete transparency and agility. For system integrators and service providers, Korifi is an avenue to enable a cloud-native transformation for their Cloud Foundry customers and also introduce a new cloud-based product. "Thousands of developers use Cloud Foundry everyday as an easy, reliable platform to deploy and manage their mission-critical applications. Their teams rely on its stability and automation to support those fleets of developers and applications. We see Korifi as an opportunity to ensure that Cloud Foundry interoperates well with the growing ecosystem of other cloud-native technologies and deployment practices." Craig McLuckie, chair of the Cloud Foundry governing board and vice president of research and development at VMware. Cloud Foundry is an open source technology backed by the largest technology companies in the world, including, HCL, Huawei, IBM, SAP, and VMware, and is being used by leaders in manufacturing, telecommunications and financial services. Only Cloud Foundry delivers the velocity needed to continuously deliver apps at the speed of business. Cloud Foundry's container-based architecture runs apps written in any language on a choice of cloud platforms — Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM Cloud, Microsoft Azure, OpenStack, and more. With a robust services ecosystem and simple integration with existing technologies, Cloud Foundry is the modern standard for deploying mission critical apps at global organizations. About Cloud Foundry Foundation The Cloud Foundry Foundation is a non-profit open source organization formed to sustain the development, promotion and adoption of Cloud Foundry as the industry standard for delivering the best experience for developers at companies of all sizes. The Foundation projects include Cloud Foundry, Paketo Buildpacks, Korifi, Eirini, BOSH, Open Service Broker API, CredHub, and more. Cloud Foundry makes it faster and easier to build, test, deploy and scale applications, and is used by more than half the Fortune 500, representing nearly $15 trillion in combined revenue.

Read More

VIRTUAL DESKTOP STRATEGIES

Claro Enterprise Solutions, LLC Adds VMware SASE to its Managed Service Portfolio

Claro Enterprise Solutions | July 04, 2022

Claro Enterprise Solutions and VMware today announced the addition of VMware Secure Access Service Edge (SASE) to Claro Enterprise Solutions' extensive portfolio of managed services. Claro Enterprise Solutions customers will now be able to leverage VMware SASE in Latin America to implement a Cloud-first approach to security, networking, and edge computing services. Andrés Mosquera, Chief Executive Officer at Claro Enterprise Solutions, said: "Our enterprise customers have accelerated the shift to a remote and distributed workforce, increasing their need for SASE solutions that meet their unique security demands. VMware SASE used along with Claro Enterprise Solutions' managed services and extensive network coverage offers an integrated solution with great performance that address network security challenges of a multi-cloud ecosystem while empowering digital transformation." VMware's comprehensive Cloud-delivered SASE solution brings together: Network performance benefits of SD-WAN Integrated security services delivered from the Cloud The ability to support modern distributed applications, which will benefit from artificial intelligence for IT operations, or AIOps, for faster problem resolution. VMware will deliver these capabilities as a service from a global network of over 150 points of presence (PoPs) deployed by VMware and its partners worldwide. In addition, through its affiliates, Claro Enterprise Solutions will host SASE PoPs across Latin America, including Brazil, Colombia, and Mexico. Craig Connors, Vice President and general manager of VMware's SASE business said, "Leading service providers like Claro Enterprise Solutions are modernizing their network to monetize services that their customers are demanding. SASE represents the future of networking, security, and edge computing. Our partnership with Claro Enterprise Solutions will accelerate the move to SASE and influence how companies across Latin America grow and support their workforce." About Claro Enterprise Solutions Claro Enterprise Solutions, an América Móvil subsidiary, is a leading source provider of Network Connectivity and Communication, Cloud, IoT, and IT Managed Services, delivering scalable solutions with layers of security, global expertise, and dependable customer support. More at www.usclaro.com About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company's 2030 Agenda.

Read More

Spotlight

Some people prefer Hypo-V. But Doug Bassett, StormWind instructor and Sybex author, prefers Hyper-V for all his virtualization needs. Virtualization takes place on the same hardware platform after installing specific software - hypervisor. The hypervisor is an additional layer between physical and virtual spheres; it manages the system's hardware resources so they are distributed efficiently among virtual machines (VMs).

Resources