One of VMware's senior Cloud Security Architects, Michael Haines, has started a multi-part blog series on using the vShield API. He has taken the approach of showing how the vShield API can be used in the daily life of a Network and Security Admin. In his words
In these series of blogs the Network and Security System Administrator will get hands on programming experience with the vShield API and learn how to consume the API in their own programs and applications. The Network and Security System Administrator does not need to be a developer, although basic programming concepts will help them understand the vShield API better.
He has already posted the Introduction, as well as Part 1 and Part 2. To keep up with the rest of the series (and to learn more about cloud security), bookmark the VMware vCloud Blog.
We are pleased to announce the general availability of vCenter Configuration Manager 5.4.1(VCM), a key component of the vCenter Operations Management Suite. VCM has always detected all changes even if they were done outside of the change management process. With this release we take a major step towards delivering integrated performance and configuration management by correlating configuration changes to the performance events and non compliant results. In addition, the new release also works together with the VMware Cloud Infrastructure Suite to discover and manage VMs that run in vCloud Director based cloud deployments.
Here are the major highlights of this release:
- Integration with vCenter Operations Manager 5.0
- The integration of VCM with vCenter Operations Manager enables IT operations to quickly identify health and performance issues that may be caused by configuration changes on the managed machines. It also provides launch in context to change log in VCM, where you could remediate changes.
- Integration with vCloud Director
- Using VCM, you can discover and manage virtual machines that are running in vCloud Director based clouds. This release supports VMs that are either directly connected (no NAT) or behind 1:1 NAT configuration
- OS Provisioning Enhancements
- Support for custom ISOs and Linux disk partition configuration
- OS provisioning support for RHEL 5.6 and 6.0 (32 and 64-bit)
- New Platforms Support
- Managed Platforms Additions: ESX/ESXi 4.1 Update 1, ESXi 5.0, RHEL 5.6 and 6.0, Mac OS X 10.6
- Collector Platform Support: Windows 2008 R2 SP1 & SQL Server 2008 R2 SP1
- Installing VCM Server on a non-English operating system is also now supported. See release notes for more details on this.
- Addition of the New Content Architecture (NCA) for UNIX & Linux Patching
- UNIX and Linux patching has been updated to support NCA changes for assessment, deployment, repository synchronization, and content downloading and importing.
- New and updated compliance content to support the following standards:
- vSphere 4.x Hardening Guidelines
- PCI 2.0
- Basel III
Check out more details about this release:
To close out, here's a quick screenshot from vCenter Operations Manager 5.0 showing correlation with vCenter Configuration Manager change events. You can click on these events to launch VCM in context to quickly understand and remediate performance issues arising from configuration changes and non compliant results. After all, it is usually changes that at the root of compliance deviation.