In case you missed it, on January 27th, 2015 a buffer overflow vulnerability in the glibc gethostbyname() function was disclosed. The issue is identified by CVE-2015-0235 and was given the name “Ghost.”
The VMware Security Engineering, Communications, and Response group (vSECR) began investigating this issue immediately.
The security blog at VMware released a blog post concerning this vulnerability, and a KB article was published:
VMware Response to CVE-2015-0235 - glibc gethostbyname buffer overflow, aka "Ghost” (2105862).
VMware has an established software security engineering group that integrates these techniques into the software development cycle, provides security expertise, guidance on the latest security threats and defensive techniques, and training within the development organization. This group is also responsible for driving VMware products through external security accreditations and certifications.
Many VMware products, including vSphere™, VMware vCenter™ Server, and vCloud Networking and Security (vCNS) have achieved Common Criteria certification under the Common Criteria Evaluation and Certification Scheme (CCS).Common Criteria is an international set of guidelines (ISO 15408) that provides a common framework for evaluating security features and capabilities of Information Technology (IT) security products.
For more information, visit VMware's Common Criteria and FIPS-140 Certifications.
Over the past few weeks we have been working on constructing a brand new network diagram, depicting ports in use for vSphere 5.x
These diagrams have been very popular in the past and we hope you like this one too! We created Knowledgebase article: Network port diagram for vSphere 5.x (2054806) as a container for the pdf diagram. The pdf also lists all of the ports used in tabular format.
If you'd like to see more of these, tell us in the comments section below!
Alternate download location.
Note: This information provided is on a best effort basis. VMware will endeavor to update the diagram as new releases come out.
As we spoke about in this announcement, here are our currently trending KB articles related to ESXi and vCenter Server. These are the issues the majority of users are encountering. See anything familiar?
Something you're going to see starting today are a new breed of KB articles, titled "Trending Issues: <topic of interest>". Our plan is to run reports on incoming support traffic and determine which KB articles are used most often. As well, we are interviewing our front-line support engineers and asking what issues they are experiencing the most. The plan is once they are established to update them periodically, depending on the trends we see.
Our first set of articles will be of interest to our users of VMware Fusion.
For those of you administering multiple vSphere environments, getting a SSO multisite deployment up and running in a correct configuration is very important. Multisite deployments are where a local replica is maintained at remote sites of the primary vCenter Single Sign-On instance. The process of setting this up is not complicated, but it is possible to take a wrong turn and end up wasting a whole lot of time correcting it. That is why we have created a best-practice Knowledgebase article titled: Multisite Single Sign-On deployment best practices. (2042849). We highly recommend you look at the examples in that article.
We've written extensively in this blog about SSO in the past. You can see all the other posts on the topic here: http://blogs.vmware.com/kb/tag/sso
If you are still at the point where you are asking yourself- what is SSO? and why do I care? we recommend you start with this great introduction from Justin King: vCenter Single Sign-On Part 1: what is vCenter Single Sign-On?
As a quick follow-up to our Introducing VMware vCenter Support Assistant 5.1 launch post, we put together a list of all the KB articles for the product.
If you're jumping on this new plug-in, and we don't see why you wouldn't, then it's always good to be armed with official support documentation for those corner cases when something goes wrong.
As time passes and new issues come up, this list will grow. To get the full listing just go to the main Knowledgebase page kb.vmware.com and select VMware vCenter Support Assistant as the product. Then click search.