Home > Blogs > VMware Security & Compliance Blog > Tag Archives: Center for Policy and Compliance

Tag Archives: Center for Policy and Compliance

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for Windows Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Windows Environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. PCI DSS 3.0 compliance toolkit for VMware vSphere based virtual environment and PCI DSS 3.0 Compliance toolkit for *NIX based environments were released earlier this year.

PCI DSS 3.0 compliance Windows toolkits are available for below environments:

Windows Server 2003 (DC and MS)
Windows Server 2003 R2 (DC and MS)
Windows Server 2008 (DC and MS)
Windows Server 2008 R2 (DC and MS)
Windows Server 2012 (DC and MS)
Windows Server 2012 R2 (DC and MS)
Windows 7
Windows 8
Windows 8.1

*Legends*
DC = Domain Controller
MS = Member Server

You can download the packages using Compliance Content Wizard tool in VCM or from VMware solution exchange and begin to use them.

Keep in mind that VCM manages not only virtual environments, but covers physical as well. It is the market leader in Configuration Audit, Change Detection, Patch Management and COMPLIANCE content. With new additions such as Scripted Remediation Framework, high level of OS patch automation with auto deploy functionality, Easy install and setup, SCAP based compliance and a new look and feel, it is better than ever before!

Come, join the journey to Start Green Stay Green!

Thanks and regards,
Pravin Goyal,
RHCE | HP-UX CSA | VCP4-DCV | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for *NIX Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for UNIX and Linux Environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. PCI DSS 3.0 compliance toolkit for VMware vSphere based virtual environment was released earlier this month.

Continue reading

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for Virtual Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Virtual Environment in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. We churned it pretty quickly and now have the PCI DSS 3.0 compliance toolkits available for below VMware vSphere based virtual environments:

VMware vSphere 5.0
VMware vSphere 5.1
VMware vSphere 5.5

Continue reading

VMware CP&C releases NERC Unix Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of The North American Electric Reliability Corporation (NERC) UNIX compliance toolkit in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). The toolkit is aligned with CIP version 4 for Cyber Security.

 

 

  • Rules mapped to CIP section nos. for easy traceability
  • Rules for AIX, HP-UX, Solaris, RHEL 5 and RHEL 6
  • 4 collection filter sets containing 92 collection filters totally
  • 5 Rule Groups and 6 Templates containing 413 rules in total
  • A great new dashboard

You can download the packages using VCM Content Wizard and begin to use it.

Continue reading

VMware CP&C releases VMware vSphere 5.1 Hardening Guide Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce, the most awaited and anticipated content of the year, the release of VMware vSphere 5.1 Hardening Guide Compliance toolkit in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). As a critical component of the vC Ops suite, VCM is the FIRST product in the market today to have the official GA version of the vSphere 5.1 Hardening Guidelines.

 

 

The package comes in 4 versions:

  • Full – Has all recommendations present in the hardening guide
  • Profile 1 – Has only Profile 1 recommendations
  • Profile 2 – Has only Profile 2 recommendations
  • Profile 3 – Has only Profile 3 recommendations

Continue reading

CIS and DISA CP&C toolkit update

Hi All,

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of latest Center for Internet Security (CIS) and Defense Information Security Agency (DISA) Compliance toolkit packages for VMware vCenter Configuration Manager (VCM).

The highlights of this release are as below:

  1. CIS has new content for
    • AIX 5.3-6.1 and
    • RHEL 6
  2. DISA has new content for
    • HP-UX 11.23 and 11.31
    • Solaris 10
    • AIX 6.1 and
    • RHEL 5

Continue reading

vSphere 4.1 Security Hardening Guidelines for vCenter Configuration Manager (VCM) Released

The VMware Center for Policy and Compliance is excited to announce our content release of the vSphere 4.1 Security Hardening Guidelines for vCenter Configuration Manager (VCM).
 
CP&C is a group of folks with alphabet soup behind their names that build content, thought leadership and evangelize our Security & Compliance  strategy all over the planet.
 
Why should you care about this latest release? That’s easy, the content supports ESX 4.1, ESXi 4.1 and vCenter 4.1. That means we can automate the continuous collection of data, compare it to our standards and within minutes provide prescriptive guidance on best practices and  reduce the LONG painful audit cycle.
 
Together VCM and Host Profiles become an important  part of creating a trusted virtual environment.  With VCM and the new CP&C content you can harden your ESX/i hosts based on vSphere standards and use Host Profiles to push these secure settings across your virtual infrastructure.  There is no longer a need to painstakingly pour-over the best practices or reference technical documentation in order to configure the Host Profile reference host(s) to meet these standards.
 
By the way, these standards have been recommended to the PCI Security Council as benchmark for 2.0 content around virtualization. (Stay Tuned!)
 
Yours Truly, George Gerchow – VMware Director of CP&C.
 
vSphere 4.1 Security Hardening Guidelines Compliance Dashboard snapshots:

Ss.1


Ss.2


Ss.3


Ss.4