VMware Increasing Pricing For Partners

I was forwarded an email today from a VMware distributor that informs VMware authorised partners that their prices are going up.

No customer buys software directly from the big software vendors. Typically the path is either:

  • Manufacturer > Distributor > Reseller > Customer
  • Manufacturer > Large account reseller > Large customer

Each link in the chain (or channel) makes a small percentage. There is a “price list” at the top of the chain, but that is often discounted. Discounts are applied to large deals, and that discount can vary depending on sales targets for the product, what is included in the deal (adding more can sometimes reduce the original price), the time in the sales cycle and the size of the deal. In the case of VMware, few ever pay the prices listed on their website.

This is the email sent out to VMware authorised partners:


VMware are reducing those discounts, giving VMware more earnings and reducing the profitability of VMware software to partners.

Do note, that any reseller that has a business plan to make profit from licensing needs to sell A LOT of licenses. Real profits for resellers come in services, not in s/w or tin.

Technorati Tags: ,

Microsoft News – 23 January 2015

If you’ve just emerged from a cave or from under a rock, then you might like to read about Windows 10 and HoloLens. It’s been amazing to see how in “90 minutes”, the image of Microsoft has done a 180 degree turnaround. The carefully orchestrated and timed announcements on Wednesday were very effective.

System Center

Windows Client


Office 365

  • New Office Visio Stencil: These stencils contain more than 300 icons to help you create visual representations of Microsoft Office or Microsoft Office 365 deployments including Microsoft Exchange Server 2013, Microsoft Lync Server 2013, and Microsoft SharePoint Server 2013
  • Azure RMS Migration Guidance: The Azure RMS Migration guidance contains a whitepaper with step-by-step guidance and links to cmdlets and tools to migrate on-premises Active Directory Rights Management Services (AD RMS) server key and templates to Azure Rights Management services (Azure RMS) while preserving access to protected content.

New Security Vulnerability in ESXi

VMware posted this article where academic research has found a vulnerability with Transparent Page Sharing (TPS). Apparently they can use this to determine the “private” AES encryption key of another virtual machine. Woops … another “breakout attack” for VMware. I’m still waiting on the first one for Hyper-V.

TPS is one of those features that vFanboys cling to when attacking Hyper-V Dynamic Memory. Now VMware are turning if off by default (starting Q4 2014 for ESXi 5.1, and later for other versions). Hmm, this case raises questions about the security design of vSphere.

I agree with VMware that the vulnerability is impractical in terms of usefulness to an attacker. But what if you could use TPS to get the private SSL key of an application server in a multi-tenant cloud, and then use that to launch man-in-the-middle attacks? That would be a serious threat.

Choose your hypervisor carefully – breakout attacks are BAD.

I wonder what fresh hate will be vomited in my direction by the vFanboys 😀 Thanks to Flemming Riis (@FlemmingRiis) for the heads up.

Technorati Tags: ,,

Microsoft News Summary – 1 September 2014

Frak! It’s September already!?!?!?! Here’s my first update in a since last Wednesday – travel and events took priority.

The big news broke late on Friday and Saturday. The moron judge presiding over the FBI/Microsoft case cancelled the stay on the order to force Microsoft to turn over data from the Dublin data centre to the US feds, thus breaching privacy and violating Irish and European laws. Microsoft is refusing to comply and is appealing to a higher court in the USA.




Windows Intune



  • What’s the Future for Surface Tablets? IMO, doom. It’s impossible to sell a business machine to business users if you don’t give businesses a way to buy the device and an SLA-enforced mechanism to support it. First of you to say "BYOD" gets a kick in the groin for drinking 2-year old Gartner KoolAid.




Microsoft News Summary – 26 August 2014

I know very few businesses deployed Windows 8, but any "upgrade" that requires a wipe & replace is not a service pack. However, that’s what Microsoft now thinks, and that’s had an impact on the Windows 8 support policy. Someone in Redmond needs a quick kick in the nether region, because coffee clearly won’t be strong enough.

And in other news on this slow morning, Steve Ballmer binged on a TV show featuring one of Hollyweird’s plastic surgery victims. Yeah; it’s always a slow period in the build up to big announcements.

Microsoft News Summary-2 May 2014

The big news yesterday was the general release of the new patch for IE on XP. Personally, I think this is a stupid mistake by Microsoft, and it will lead to some laggards to reason that Microsoft has reversed course on the end of support. Microsoft can comment all they want; most people never read blogs, press, or attend events. The mistake has been made, and it was one of the dumbest releases since Bob.

Microsoft News Summary-1 May 2014

Happy May Day, comrades! I was tied up with events the last couple of mornings so here is two days worth of news. Note the new beta for System Center Advisor. The security functionality looks very interesting!

VMware Is More Secure Than Hyper-V … And A Leprechaun Marries A Martian

In case you have been hiding under an IT rock, the world of the Internet has been rocked by a vulnerability found in the widely used OpenSSL. MVP Troy Hunt has a good description of the vulnerability here.

The list of known vulnerable sites is a who’s who of the Internet. Interestingly, servers that run on Windows Server and use the native SSL features of IIS are not affected. Note that Windows Server and System Center use native IIS functionality. Microsoft has also confirmed that Azure is also not susceptible to this attack.

Hmmm, who else is out there that might be vulnerable? Who do many claim is more secure, but really they’ve been found lacking? Who had a breakout attack (maybe more than one)? Who had a weakness in the design of their virtual storage that allows a guest OS admin to read files (passwords) from the host? Which other virtualization company is susceptible to Heartbleed?

Hmm, would it be …


Yup, if you have a recent product from VMware then your virtualization or cloud is vulnerable to attack. Got a public cloud based on vSphere? You are probably vulnerable.

The lesson here is simple: Building alleged enterprise-class software where no-one is responsible for trustworthy computing reviews is negligent. Who reviewed that code?

Now tell me that Microsoft makes insecure software … penguin lovers! Stick your hands up so we can send the men with nets after you conspiracy theorists or your bosses can identify the weak links in their IT departments.

Technorati Tags: ,

Please Welcome 5nine!

I’m pleased to announce that 5nine have become a sponsor of my blog.  5nine is a key player in the Hyper-V partner ecosystem, making of security, networking, and management tools & extensions.

Manager Banner 235x235 (Free)

You’ll find an alternative to SCVMM for small/medium businesses, extensibility to SCVMM and the Hyper-V virtual switch for the medium to large enterprise, and a number of very useful free tools.

Please take the time to evaluate 5nine’s tools and see what they could add to your network.

5nine Software Releases V2.0 Of VMware-To-Hyper-V V2V Conversion Tool (FREE!)

5nine Software announced the release of the free 5nine V2V Easy Converter v2.0 yesterday.  This will allow you to convert VMware VMs into Hyper-V VMs with support for VHD and VHDX and the following guest OSs:

  • Windows Server 2008
  • Windows 7
  • Windows Server 2003 (x86 and x64)
  • Most of Advanced Server 2000
  • Ubuntu Linux
  • CentOS Linux

Yes: V2V conversions to Hyper-V for Linux guests!

The last three versions of Hyper-V are supported:

  • Windows Server 2008 R2 SP1 Hyper-V
  • Windows Server 2012 Hyper-V
  • Windows Server 2012 R2 Hyper-V

If you have any questions, please contact 5nine Software Information at info(at)5nine(dot)com or via phone +44 (20) 7048-2021 from 7am to 5pm GMT