Expensive to Retrieve

VMware’s Price Revolution: How Broadcom’s Changes Are Reshaping Mid-Market IT Strategy

/in , , /by

Feeling Renewal Pain

Bottom Line: Broadcom’s acquisition of VMware has triggered dramatic price increases of 800-1,500% for many customers, forcing mid-market organizations to urgently evaluate alternatives like Microsoft Hyper-V to maintain cost-effective virtualization infrastructure.

Since Broadcom acquired VMware in November 2023, the virtualization landscape has undergone seismic shifts that are particularly devastating for small and medium-sized enterprises (SMEs). What began as a strategic acquisition has evolved into a pricing revolution that’s forcing thousands of mid-market organizations to fundamentally reconsider their IT infrastructure strategies.

The Scale of the Price Shock

The numbers are staggering. Some customers report price increases ranging from 800% to 1,500%, while some organizations face even more dramatic hikes. AT&T claimed Broadcom offered them a 1,050% price increase, transforming their annual VMware costs from manageable to prohibitive overnight. For context, these aren’t modest adjustments—they represent a complete overhaul of the economic equation that made VMware attractive to mid-market clients.

The pricing transformation isn’t just about higher numbers. Broadcom has fundamentally restructured how VMware products are sold and licensed. The company eliminated approximately 8,000 individual product SKUs, consolidating them into just two primary bundled offerings: VMware Cloud Foundation (VCF) and vSphere Foundation. This consolidation forces customers to purchase entire suites rather than selecting specific components they actually need.

The Mid-Market Squeeze

Mid-market organizations are caught in a particularly painful position. Unlike enterprise customers who might already use multiple VMware products and could potentially benefit from bundling, smaller companies typically relied on standalone solutions like vSphere Essentials Plus—which Broadcom has now discontinued. These organizations suddenly find themselves forced into enterprise-grade bundles that include features like NSX networking and vSAN storage they never requested or needed.

The new core minimums compound the problem. Starting April 2025, VMware enforces a minimum 72-core license subscription for products like vSphere Standard, up from the previous 16-core minimum. For organizations running smaller deployments or edge locations, this means paying for licenses that far exceed their actual needs. It’s like being forced to buy a truck when you only need a bicycle.

The transition from perpetual licenses to subscription-only models adds another layer of financial pressure. Many mid-market companies relied on the predictable, one-time costs of perpetual licenses that could be amortized over several years. The new subscription model transforms capital expenditures into ongoing operational costs, fundamentally altering budget planning and cash flow management.

We’ve actually run into instances where Broadcom is quoting OVER published list price for clients that they feel they can extort with a higher cost.

The Search for Alternatives

Faced with these dramatic changes, mid-market organizations are actively exploring alternatives, with Microsoft Hyper-V emerging as the most compelling option for many. The appeal is both strategic and economic.

Cost Advantages: Hyper-V is included with Windows Server licenses at no additional cost, providing immediate relief from VMware’s pricing pressure. For organizations already invested in Microsoft’s ecosystem, this represents enormous potential savings. While enterprises might need additional management tools like System Center Virtual Machine Manager, the base virtualization capabilities come without separate licensing fees.

Technical Maturity: Modern Hyper-V has evolved far beyond its early limitations. Windows Server 2025 includes significant enhancements to GPU partitioning for AI workloads and improved scalability that now supports up to 24TB of host memory—actually surpassing VMware in some specifications. Features like Live Migration, high availability clustering, and robust security through Shielded VMs provide enterprise-grade capabilities that match much of what VMware offers.

Integration Benefits: For organizations running Windows-centric environments, Hyper-V offers seamless integration with Active Directory, Group Policy, and Azure cloud services. This tight integration often translates to simplified management and reduced administrative overhead compared to managing separate VMware infrastructure alongside Microsoft systems.

Migration Feasibility: While migrating from VMware to any alternative requires careful planning, Hyper-V’s similarities in core virtualization concepts make the transition more approachable than some alternatives. Many organizations are discovering that their Windows-based workloads migrate relatively smoothly to Hyper-V environments.

Strategic Considerations for Mid-Market Leaders

The decision to migrate away from VMware shouldn’t be taken lightly, but the current pricing environment makes exploration essential. Organizations should conduct thorough assessments of their current VMware usage, identifying which features are truly necessary versus those that could be replaced with alternative solutions or eliminated entirely.

The migration window is critical. Existing VMware customers still operating under older support agreements have time to plan, but that window is closing. Organizations should begin testing alternatives immediately, even if they ultimately decide to remain with VMware under new terms.

For many mid-market companies, this crisis presents an unexpected opportunity to modernize their infrastructure approach. Some are discovering that moving workloads to public cloud platforms or adopting hybrid strategies provides better economics than either VMware or on-premises alternatives.

Looking Forward

Broadcom’s transformation of VMware reflects a deliberate strategy to focus on larger, more profitable customers while shedding smaller accounts. For mid-market organizations, this reality demands urgent action. The days of affordable, flexible VMware solutions for smaller deployments appear to be ending permanently.

The good news is that alternatives like Hyper-V have matured significantly and can now handle most workloads that previously required VMware. Combined with cloud-native solutions and modern infrastructure approaches, mid-market organizations have viable paths forward—but only if they act decisively.

The virtualization landscape is experiencing its most significant disruption in decades. Organizations that move quickly to evaluate and implement alternatives will be best positioned to maintain cost-effective, capable infrastructure. Those who delay risk being trapped in unsustainable licensing agreements that could constrain their growth and innovation for years to come.

The revolution is here. The question isn’t whether change is coming—it’s whether your organization will lead or follow in responding to it.

Microsoft NCE (New Commerce Experience) and how it will impact your organization

/in , , , /by

Microsoft is releasing the details of the Microsoft NCE (New Commerce Experience) on January 10th, 2022.

This is a price increase for Microsoft 365 and a change in the commitment process.

New Commerce Experience

– January 10, 2022: Microsoft will launch the general availability of NCE for Modern Work and Dynamics 365 for indirect partners to offer to CSP re-sellers. Microsoft will also offer two time-bound promotions to incentivize users via their reseller partners, to migrate to NCE.

These promos are:

 5% off annual subscriptions January through March 2022 

Monthly subscriptions will be available at annual pricing from January through June 2022.  

So, this would require you to sign up with your reseller and change from a month-to-month contract to an annual contract. There is an option to stay month-to-month, but there is a 20% premium fee!

– March 1, 2022: There will be a price increase for the following products: 

Enterprise 
Office 365 E1: $10 (from $8)

Office 365 E3: $23 (from $20) 

Office 365 E5: $38 (from $35) 

Microsoft 365 E3: $36 (from $32) 
 

SMB: 
Microsoft 365 Business Basic: $6 (from $5) 

Microsoft 365 Business Premium: $22 (from$20). 

Please note Microsoft is NOT changing pricing for Microsoft 365 E5, Microsoft Business Standard, or the Frontline SKUs.

– March 10, 2022: All new subscriptions for Modern Work and Dynamics will be required to be procured through the NCE Platform.

  

– July 1, 2022:  All renewal subscriptions for Modern Work and Dynamics will be required to be procured through NCE Platform. Pax8 will no longer allow partners to renew customer subscriptions on CSP legacy. 

October 1, 2022: Incentives only available for NCE transactions (through MCI). 

  

– July 2023:  All non-migrated client subscriptions must be moved to the New Commerce Experience.  

  

What Does This Mean for You?

Moving to the New Commerce Experience will help you prepare for future growth thanks to improved revenue predictability, reduced licensing complexity, multiple term options, and features that enable new sales capabilities and operational efficiencies. You can expect: 

Term Options 

– Monthly term options at 20% premium – if you want to stay on month-to-month, there is a 20% premium in cost.

– Annual term options; upfront or monthly payments 

– Tri-annual term options; upfront, annual, or monthly payments  

Cancelation period is now 3 days, including day of purchase. There will be a full refund issued if canceled on day 1, and a pro-rated refund if cancelled on days 2 and 3. 

Windows 365: Windows 365 subscriptions will only be available via the monthly term offer on NCE. Windows 365 subscriptions will not be subject to the 20% premium for monthly terms at this time.  

Nonprofit and Education: Nonprofit and Education licenses will not be offered on NCE at this time. Non- Profit and Education products will not be affected by the price increases in March.  

Cisco drives that operate for 40k hours will cease to function

/in , , /by

Cisco just announced a new Field notice regarding Defect ID CSCvt55829 which is an industry wide firmware index bug.

Under normal operation, after 40,000 power-on hours (4.5 years), the SSD will report that 0 GB of available storage space remains. The drive will go offline and become unusable.

These drives were used in the following C-Series products and there is a firmware upgrade to resolve the issue.  For more information you can go to the Field Notice FN – 70545.

 

UCS Manager based B and C-Series Software Release Software Downloads
Release 4.1(1c) and later

VMware code execution flaw CVE-2021-21972

/in , , , , /by

There is a newly disclosed code-execution vulnerability in VMware vCenter.  VMware was quick to release a patch (within a day) and it can be found here.

The severity of this vulnerability as well as the fact that there are exploits available for both Windows and Linux servers, kicked off a flurry of mass scanning for vulnerable vCenter Servers.

Code execution, no authorization required

CVE-2021-21972 allows hacker with no authorization to upload files to vulnerable vCenter servers that are publicly accessible over port 443, researchers from security firm Tenable said. Successful exploits will result in hackers gaining unfettered remote code-execution privileges in the underlying operating system. The vulnerability stems from a lack of authentication in the vRealize Operations plugin, which is installed by default.

The flaw has received a severity score of 9.8 out of 10.0 on the Common Vulnerability Scoring System Version 3.0. Mikhail Klyuchnikov, the Positive Technologies researcher who discovered the vulnerability and privately reported it to VMware, compared the risk posed by CVE-2021-21972 to that of CVE-2019-19781, a critical vulnerability in the Citrix Application Delivery Controller

Ransomware and the impact to your business

/in , , /by

Everyday, you read another story about how a company has been hit by a ransomware attack, which potentially can disrupt your business, services to your clients and livelihood of your employees.

Just last week it was announced another company, Forward Air, was hit by a ransomware attack, which disrupted services and impacted revenue.  This attack was attributed to a group “Hades”.  Forward Air, a trucking company from Tennessee, posted revenues of $1.4 billion in  2019 and employs more than 4300.

The ransomware note, resembles a similar note used by another ransomware group known as “REvil”, also known as “Sodin”.

Hades Tor site

 

This is a Sodinokibi variant that was first seen in early 2019.  Sodinokibi is what is known as ransomware-as-a-service, basically a software package which is catered by underground vendors to threat actors providing them a ransomware platform tool.

Companies are limited in their ability to defend against this type of exploitation, especially if they do not have full time IT staff or contracted Managed Service Providers that focus on security.  Your organization must follow the following guidelines to help mitigate your exposure:

  • Patch aggressively so vulnerabilities are eliminated and access routes are contained
  • Enable endpoints with tools that automatically detect and respond to infections before they become systemwide
  • Enable network threat intelligence tools to detect anomalies in your network traffic
  • Make sure emails are screened for malicious payloads and links
  • Minimize access levels by employees to perform their job functions

If you have been hit by ransomware, or just want to assess your company’s state of preparedness, reach out to us to discuss your needs.

LMJ is a full service Managed Service Provider, with offices in Alaska and California.

 

VDI infrastructure

Covid has changed the way we use the Internet at home

/in , , , , , /by

A recent article in the NY Times, highlighted the fact that we have moved away from our phones as the primary mode of interacting with content on the internet, as we sheltered at home.  In addition, there has been a huge increase in the use of video chat, including Zoom, Google Classroom and Microsoft Teams, as we look at ways to perform the face to face interactions that we took for granted, in our day to day lives and work environments.

Working from home has changed many company’s employee interactions with high reliance on the tools that allow them to do their jobs, while still being home to take care of children who are also remotely learning.   As a Managed Service Provider, we have been hard pressed to assist our clients in expanding the availability of remote access to critical software tools, stuck at their corporate offices and co-location facilities.   Companies that readily integrated cloud services, such as Office 365, Google Suite and Egnyte have fared better and been more easily able to transition to this difficult, distributed work force.

If your company has not thought about how they are going to support their home-workers, it is a good time to evaluate the services of a good Managed Service Provider that can help you create a strategic plan to provide services, maintain and support your remote teams.   The home environment adds other security issues as well, with unknown firewalls, wifi and IOT devices with potential access to your company’s data.

If your company is in search of good advice, we’re here to help in the San Francisco Bay Area as well as the Anchorage Metro.

Windows 7 end of support January 20th, 2020

/in , /by

Yes, another article on the end of support for Windows 7.

We’re now in June, and there is limited time to plan your workstation upgrades and work with your software vendors to upgrade your servers to 2016 or 2019 server.

Workstation Roll outs:  If your business is still running Windows 7, now, really, now is the time to start placing those orders for new equipment.

The old way was to have your own image, to write over the OEM image on the new desktop or laptop.

  • 10-30 users – just plan on manual deployment
  • 30-500 users, and an Office 365 Azure Active Directory Premium customer- you might benefit from Microsoft Autopilot.
    • Cloud based
    • Zero Touch
      • After profile configuration
    • Direct shipment from Manufacture (Acer, Dell, HP, Lenovo, Panasonic, Microsoft Surface and Toshiba)

What Microsoft has done, it really cool and helps companies simplify the roll-out of new devices, no matter what network they connect to.

You have granular control of what the end user sees when they first logon to the device.

  • End-user license agreement (EULA): (Windows 10, version 1709 or later) Choose if you want to show the EULA to users.
  • Privacy settings: Choose if you want to show privacy settings to users.
  • Hide change account options (requires Windows 10, version 1809 or later)
  • User account type: Choose the user’s account type (Administrator or Standard user).
  • Allow White Glove OOBE
  • Apply device name template: Choose Yes to create a template to use when naming a device during enrollment. Names must be 15 characters or less, and can have letters, numbers, and hyphens. Names can’t be all numbers. Use the %SERIAL% macro to add a hardware-specific serial number. Or, use the %RAND:x% macro to add a random string of numbers, where x equals the number of digits to add.
  • Language (Region)*: Choose the language to use for the device. This option is only available if you chose Self-deploying for Deployment mode.
  • Automatically configure keyboard*: If a Language (Region) is selected, choose Yes to skip the keyboard selection page. This option is only available if you chose Self-deploying for Deployment mode.

So, if you are a corporate customer, with Office 365  work with your solution provider to add Office 365 Azure Active Directory Premium services to simplify your Windows 10 deployment options.

InfoWorld – MongoDB ransomware attacks sign criminals are going after servers, applications

/in , /by

The tremendous success of ransomware infections over the past year showed cybercriminals that holding data for ransom is the key to making money from online attacks. Ransom-based attacks are evolving, and if enterprise defenders aren’t careful, they are going to soon see more ransom notes popping up on their servers, databases, and back-end applications.

Consider last week’s events: After Victor Gevers, a security researcher and founder of GDI Foundation, reported several hundred instances of publicly exposed MongoDB installations had been wiped and held for ransom over the previous two weeks, several other attackers joined in, bumping the number of compromised databases from several hundred to more than 10,000.

The attackers didn’t need to bother with malware to gain access to the database or the information saved within—the door was wide open since these MongoDB installations used the default configuration, which allowed unauthenticated connections via port 27017. These databases were fully accessible from the internet, and anyone connecting via that port had full administrator rights to read, create, update, and delete records.

While compromising a few systems and encrypting the data in large enterprises will continue to be lucrative—healthcare facilities paid out thousands of dollars in 2016 to regain control of their data and systems—attackers are going to change tactics to keep their income stream flowing. Databases, web servers, application servers, enterprise resource planning (ERP) systems, and other enterprise applications all contain valuable information that can disrupt business operations if stolen.

“Attackers are always looking to increase the value of what they steal,” said Jeff Schilling, chief of operations and security at cloud security provider Armor.

It’s a safe bet that even if the enterprise doesn’t use MongoDB, which is widely used in big data and heavy analytics environments, it may be running other servers or applications that are accessible from the internet and vulnerable to attack. Criminals can easily shift their attacks to those servers and applications. Already, last spring, researchers from Cisco’s Talos Security Intelligence and Research Group found that attackers were exploiting vulnerabilities in JBoss application servers to spread SamSam ransomware.

New targets, new victims

The data contained on those systems don’t have to be something the attacker can sell on the black market—it just needs to be valuable to the owner. It doesn’t matter if the database or back-end system doesn’t have financial data or transactional information. Application source code, personnel files, organization data, and entire application servers are all valuable.

“As long as it’s valuable to someone, attackers can target it for ransomware in order to make a profit,” said Jordan Wright, an R&D engineer at authentication company Duo Security.

Ransoms are most effective when there are no backups to restore the data. While most enterprises typically have some kind of backup strategy in place for databases and critical enterprise applications, they may still be forced to pay because of the perception that it will take too long to restore from backups.

In the case of those enterprises with compromised MongoDB installations, at least 20 victims sent the 0.2 BTC ransom (about $220 at current prices) to the BitCoin address used by the initial attacker between Dec. 21, 2016 and Jan. 6, 2017, according to information available on Blockchain.info.

Imagine being an Oracle or SAP administrator and one day finding that an attacker had copied all the data and then wiped the systems.

In case the idea of data stolen from code repositories and databases wasn’t scary enough, software-as-a-service applications could become the next ransom target, Schilling said. An attacker could demand the ransom from the SaaS provider by successfully breaking into the network and disrupting operations, or from the SaaS customer by preventing the customer from accessing the data. A network breach on the provider side seems unlikely, but not impossible, since SaaS companies tend to invest heavily in securing their infrastructure.

But then, the massive DDoS attack against DNS provider Dyn affected SaaS providers adversely, without even touching their networks. That ransom demand could have gone sky-high, had the attackers gone that route.

Customer-side ransoms sound even more likely. There are already ransomware strains capable of encrypting data on cloud storage sites by infecting a computer that had a synced folder. Attackers can use stolen or compromised credentials to gain access to the customer’s SaaS instance and all the associated data. Whether the customer would pay would depend on how quickly—and completely—the provider would be able to restore the data.

All kinds of attacks, not just malware

It will be a mistake to keep focusing on the malware. Yes, there are reports of ransomware on Smart TVs, and malware will continue to encrypt data stored in enterprise networks. However, ransomware isn’t the only way cybercriminals have extorted enterprises in the past, and it isn’t going to be the only approach going forward.

Remember that the attackers behind Sony Pictures demanded “monetary compensation.” And ProtonMail and Feedly both were slammed with distributed denial-of-service attacks when they refused to pay.

Cybercriminals are going to make money however they can, and if it is easier to compromise the database by exploiting unpatched remote code execution vulnerabilities and escalation of privilege flaws, or through spear phishing, they aren’t going to bother to try to infect the server with malware. Or they may use a combination of scripting languages such as PowerShell and JavaScript to compromise systems, which doesn’t leave behind any malware samples for defenders to detect.

Defender checklist

Attackers are trying to figure out which types of data companies consider valuable, and which organizations are more likely to pay. The initial MongoDB attacks were originally nondiscriminating and compromised any open MongoDB installations, but security researchers believe the latest attacks are more selective, targeting healthcare providers, telecommunications companies, data brokers, and electric utility firms.

IT teams need to expand their focus and look at all the various ways their data could be stolen. Don’t get bogged down looking for malware samples or signs of infections, because the attacker demanding the ransom may use other methods to hold the data.

Attackers connected to vulnerable MongoDB installations via port 27017. Organizations using the default installation of MongoDB should update their software, set up authentication, and lock down port 27017.

That advice applies to other databases, servers, and applications as well. ERP systems such as SAP need to be configured to consider security. Database ports should be locked down. Software updates should be applied as soon as possible. Restrict remote access and require strong authentication for any user accounts that require remote access rights.

Administrators need to control and limit access to their organization’s data stored in their servers as well as in cloud applications. “Without mitigating controls like two-factor authentication, attackers can take over the data a user has access to by simply sending a phishing email,” Wright said.

IT teams need to stop thinking of ransomware as a malware infection and start thinking of a broad range of attacks that have an extortion component. This means beefing up data breach detection capabilities, securing systems so that data can’t be easily obtained, protecting the data even when defenses fail, and improving incident analysis so they can investigate thoroughly when something goes wrong. The attacks against MongoDB installations are just the beginning.

http://www.infoworld.com/article/3155435/cyber-crime/mongodb-ransomware-attacks-sign-criminals-are-going-after-servers-applications.html

data center blue image

5 Data Center Trends Changing Business as You Know It

/in , , , /by

Many of today’s sleekest, most sophisticated data centers have the humblest of beginnings. Whether you are upgrading your existing facility, building a new one, or considering outsourcing your data center to one of the growing number of hardened hosting facilities, here are five things to think about while preparing for the future.

Read more