Home > Blogs > VMware Security & Compliance Blog > Monthly Archives: January 2012

Monthly Archives: January 2012

vShield Automation

Automation is a powerful tool, with automation we can not only make our lives as administrators easier and less cumbersome but also enable products to do things automagically that they never could do before.

 

This quote which I really liked, can be attributed to VMware's very own Alan Renouf.  Alan is somewhat of an automation genius here at VMware, putting together all kinds of cool scripts and workflows to do all kinds of neat stuff.  Well he has taken his skills and applied them to the vShield REST APIs, and has graciously made the work that he has done available for all to leverage.

If you are interested in automating your vShield deployments through Powershell, Alan has developed a Powershell Module that leverages the vShield REST APIs.  It will allow you to do many things including the automation of the deployment of vShield App and Edge appliance to updating policies and more.  

He posted it here on his personal blog.  He is planning a series of blogs with more on what powerful operations you can perform with this module and how you can do it. So if you are interested I would highly suggest you start to follow his blog more closely.  

Rob Randell, CISSP – Principal CIM Architect – Security and Compliance Specialist

VMware CP&C announces major content release for VCM!

The VMware Center for Policy and Compliance (CP&C) is pleased to announce our latest content update for FISMA, GLBA, HIPAA, and SOX in vCenter Configuration Manager ™ (VCM). 

Based off DISA’s last major release, we have now updated critical compliance requirements across several verticals.

How does this help you address your compliance needs?

Healthcare sector is a main area of focus for CP&C and VMware. With our updated templates, Healthcare Organizations can now leverage this content to prepare for upcoming audits in 2k12. With these templates and VCM’s automated patching solution, Healthcare organizations that use Hitrust as a source of guidance will also be able to apply these new rules, dashboards and content for audit requirements. CP&C also updated SOX, FISMA and GLBA templates as well helping folks out in D.O.D, Federal Government and Finance sectors with Continuous Compliance. VMware CP&C is also pleased to announce that we now cover the full spectrum of auditing settings for Vista, W7, and 2k8, and 2k8 R2. 

What’s new in this package? DISA Platform support for:

  • Windows 2003 version 6.1.22
  • Windows 2008 v6.1.15
  • Windows 2008 R2 V1 Rel 1
  • Windows 7 Ver1.5
  • Windows Vista 6.1.22
  • Windows XP 6.1.22

Check out the HIPAA Dashboard below covering virtual, physical, Unix, Linux and Windows results! You can quickly determine where your non compliant settings are and easily remediate them.

HIPAA.DB.1.2.11

Right Click Fix, or set an exception!

HIPAA.Rem.1.2.12

Last but not least ,Audit settings!

Audit.DISA.1.2.11

How do you get it the new content?
Customers wishing to harden their DISA, SOX, HIPAA, FISMA and GLBA environment can download the new content via the VCM Content Wizard.

Also, feel free to hit us up with questions & comments at:

Happy New Year from VMware & CP&C!

George Gerchow – VMware Director, Center for Policy & Compliance