Tag Archives: security

Essential Elements of Micro-segmentation

The free Micro‐segmentation For Dummies®, VMware Special Edition ebook by Lawrence Miller, CISSP, and Joshua Soto provides a broad overview of micro-segmentation, including how it can help you defend your data center from attack and automate security workflows, as well as steps for getting started.

But before you can get started, you need to understand the essential elements of micro-segmentation, which they explain in Chapter 2:

Micro-segmentation enables organizations to logically divide the data center into distinct security segments down to the individual workload level, and then define security controls and deliver services for each unique segment. This restricts an attacker’s ability to move laterally in the data center, even after the perimeter has been breached — much like safe deposit boxes in a bank vault protect the valuables of individual bank customers, even if the safe has been cracked….

…the network hypervisor is uniquely positioned to provide both context and isolation throughout the SDDC — not too close to the workload where it can be disabled by an attack, and not so far removed that it doesn’t have context into the workload. Thus, the network hypervisor is ideally suited to implement three key elements of micro-segmentation: persistence, ubiquity, and extensibility.

Download your free copy today.

What’s Coming in 2017? Here’s What the VMware Magic 8 Ball Says


As 2016 wraps up, predictions are flying on what’s ahead for the coming year. What can we expect to see in security? How will networking look 12 months from now? What changes are on the horizon for the cloud?

To help answer some of these questions, we asked VMware’s all-knowing magic 8 ball (i.e., we took a look through all the recent Radius articles and collected the ones that contained 2017 forecasts). Here are some of the top predictions we discovered:

 

2017 Predictions: Five Things to Come for Security

In this article, Tom Corn, SVP of Security Products at VMware, gives his top five predictions for the world of security in 2017. Among other topics, Corn discusses the outlook for mobile and cloud security, applications security, and what security practitioners can hope to see in terms of automation and simplicity.

 

The Third Industrial Revolution: Beyond 2017

VMware Americas Chief Technology Officer, Chris Wolf, discusses what he refers to as the ‘Third Industrial Revolution.’ In this Third Industrial Revolution, we will continue to see IoT and ‘intelligent’ things enter our work and lives in new and unprecedented ways that alter and enhance the way we operate. Here are his predictions for life beyond 2017.

 

2017 Predictions: What’s to Come for Networking

Wherein Bruce Davie, VMware’s Chief Technology Officer for Networking, discusses the future of networking and a fundamental shift of power toward lines of business and developers in 2017.

 

2017 Predictions: A CIO Perspective

Bask Iyer, CIO of VMware and Interim CIO of Dell, addresses how interconnection will affect 10 areas of business over the next 12 months. Some of the areas Bask talks about include mobility, the cloud, the IoT, Shadow IT, and the Uberization of Information Technology.

 

2017 Predictions: Five Things to Come for Cloud-Native Applications

In this article, Kit Colbert, Vice President and GM of Cloud-Native Apps at VMware, covers the future of cloud-native apps, specifically touching on containers and 5 things we can look forward to in 2017.

 

Top Questions from Our Recent Horizon 6 View 6.2 Webinar

A few weeks ago we offered a free webinar on Horizon 6 View 6.2 Features and Basic Troubleshooting based on the very popular session VCI Linus Bourque delivered at VMworld US 2015. As always when we talk troubleshooting, there were lots of questions. We wanted to share a sample with you while you check out the recording.

What are the best free tools to monitor slowness information?
A good place to start is with well-known tools: PerfMon for Windows, vCenter performance charts, Wireshark for networks, Process Explorer for Windows processes, etc. VMware cannot sanction one tool over another. You may also want to ask at communities.vmware.com to see what others are using.

I have a question about the firewall: users are using VDI desktops from the internet via a security server. Does 4172 have to be opened even at the internal firewall, or is it not needed?
If you are using PCoIP as the default protocol, you must open 4172 TCP/UDP.

If we have a bunch of replicas in vSphere and cannot tell whether they are even used, how do we go about deleting them? We have transitioned to pure storage and these replicas are on the old storage.
Use the Rebalance feature to “move” a linked-clone pool to a new datastore. If the replicas are “orphans” you’ll need to use the vdmadmin command to unlock the Replica folder, delete those replicas in question and then re-lock. Be careful when using this command and make sure you are deleting the right replica.

If we are not using a security server, do we just need 8443 open to the connection server for RDP?
If this is for internal, then 443 is all that is needed for RDP as long as the tunnel mode (default) is kept on. If direct connect is enabled then you’ll need 3389 opened as well. DO NOT USE this with the internet as you are opening your environment to an attack.

What are your thoughts on virus detection on View desktops similar to the regular desktops?
If you are going to use “traditional” anti-virus, you should stagger the number of VMs scanned at any one time to reduce the possible storage I/O. Alternatively, leverage a vShield Endpoint like AV where the scan is done via the kernel/CPU. It will mean more CPU usage but will lessen the possible chance for I/O storage storms.

Is the Access Point an add-on price or does it come with the 6.2 upgrade?
See here for which version the AP is supported on. Depending on the version, you will determine whether you’ll be able to access it or need additional licensing.

Is VMware working on something like vCenter alarms for View Horizon?
Not that I’m currently aware of. If you feel this would be helpful, please submit a feature request.

11 New Courses on vSphere v6, AirWatch, and more

The VMware Education team has been busy in the last month releasing 11 new courses covering vSphere 6, AirWatch, Site Recovery Manager, Horizon (with View), vRealize Automation, and Security for the SDDC. Click on the links below to learn more about these courses and to see the schedule for your area.

Get notified by email when new courses are released by signing up here.

vSphere V6

AirWatch Enterprise Mobility

Other Topics

Save 50% on New Beta Courses: Installing NSX, Security Operations, and Horizon Design

VMware offers beta courses to anyone who wants to participate in helping finalize the nearly complete course content and materials. You save 50% off the regular course price and get the same valuable VMware training that fully qualifies towards certification requirements.

Hurry, space is limited.

VMware NSX: Install, Configure, Manage [V6.2] – 12-16 October, Reston VA

This comprehensive, fast-paced training course focuses on installing, configuring, and managing VMware NSX™. This course covers VMware NSX as a part of the software-defined data center (SDDC) platform, features of VMware NSX, and functionality operating at Layer 2 through Layer 7 of the OSI model. Lecture and hands-on lab activities build your understanding of VMware NSX features, functionality, and on-going management.

Horizon: Design and Deploy [V6.0] – 12-16 October, Dallas TX

This course presents a methodology for designing and deploying a VMware Horizon® solution. The design methodology includes recommendations for the type of information and data that must be gathered and analyzed to make sound design decisions for the client systems, the desktop options, the VMware vSphere® infrastructure, and the Horizon components. VMware best practices are presented for each phase of the design process. During this class, you will apply your new knowledge by working with other participants to design and deploy a Horizon solution for a real-world project.

Security Operations for the Software-Defined Data Center [V1] – 9-13 November, El Segundo CA

Virtualization presents new opportunities for securing your data and systems. Virtualizing your data center often brings new challenges, requiring your IT staff to assume new, and sometimes unfamiliar, roles and responsibilities. In this course, we teach you how to use the VMware Software-Defined Data Center (SDDC) product portfolio and tools to better manage administrator access, harden your VMware vSphere® environment, and secure data at rest and in motion. We also cover compliance and automation to help you ensure your deployments align with your security policies.

Sign up to receive an email notification when future beta courses are released.