Author Archives: Mike Foley

Mike Foley

About Mike Foley

Mike Foley is a Staff Technical Marketing Architect for vSphere Security at VMware. His primary goal is to help IT Admins build more secure platforms that stand up to scrutiny from security teams with the least impact to IT Operations. Mike is also the current author of the vSphere Security Configuration (formerly Hardening) Guide. Previously, Mike was on the evangelist team at RSA where he concentrated on virtualization and cloud security. Mike was awarded a patent (8,601,544) in December 2013 for dual-band authentication using the virtual infrastructure Mike has a personal blog at https://yelof.com and contributes to the VMware vSphere and Security blogs as well. Follow him at @vSphereSecurity on Twitter

Security Updates in vSphere 5.5 Update 1 + Hardening Guide news

5.5 Update 1 Release Notes

vSphere 5.5 Update 1 was released on March 11th, 2014. The primary drivers for this release were lots of bug fixes and support for VSAN. At the risk of duplicating a huge amount of the release notes, please review in detail those things that are important to you. There’s a number of things in Upgrade and Installation and there’s a specific Security section that would be of interest. Also review the Known Issues section as there’s some interesting tidbits in there as well.

5.5 Hardening Guide Update

I will be releasing an update to the vSphere Hardening Guide to go along with 5.5 Update 1 in the next couple of weeks. I’ve been collecting updates since it was released shortly after 5.5. No MAJOR changes, just minor fixes and a couple of clarifications and at least one deletion. More on this soon. I know it’s a hot button for some folks.

If there’s something YOU think needs to be corrected, now is the time to let me know!

Get in touch as a reply to this blog or preferably an email to me. I’m mfoley at VMware.com.

Thanks,

mike

New ESXi security whitepaper now available

Hi everyone,

Over on the vSphere blog I have posted an new entry on the availability of a whitepaper on the security of VMware’s ESXi hypervisor. I hope you find the whitepaper useful. Please post or send your feedback. Head on over to the vSphere blog posting!

 

mike

vSphere Security Blog Update

Hi,

Those of you that follow the vSphere Security blog are probably wondering why there hasn’t been much information posted here. I have been posting in the vSphere Blog in order to get more eyes on the security messaging of vSphere. I would encourage you to follow me there or at @vSphereSecurity on Twitter for more frequent updates.

Please note that the big news is the release of the vSphere 5.5 Hardening Guide. This release comes less than 3 weeks after the general availability of vSphere 5.5. If you have input into future hardening guide releases, please don’t hesitate to contact me!

Here’s a list of a few of the more recent items that I’ve posted in case you missed them.

  1. The vSphere 5.5 Hardening Guide has been released!
  2. vSphere Web Client Roles and Permissions How-To Video
  3. Virtual Appliances getting more secure with vSphere 5.5 – Part 1
  4. Virtual Appliances getting more secure with vSphere 5.5 – Part 2
  5. Virtual Appliances getting more secure with vSphere 5.5 – Part 3
  6. Virtual Appliances getting more secure with vSphere 5.5 – Part 4
  7. ESXi, syslog and logins
  8. “It’s a Unix system, I know this!”
  9. Grant shell access to this user? No worries mate!
  10. Skating your way to the SDDC

Thanks for all your interest in making vSphere an even better and more secure platform. I encourage you to get involved and reach out to me with your input, thoughts and concerns. Security is not a destination, it’s a journey so we can always be working to make things better!

mike

vSphere 5.1 Hardening Guide goes mobile!

Hi,

It has been a couple of weeks since the release of the vSphere 5.1 Hardening Guide. Right around that time there was a call for updated content for the VMware Mobile Knowledge Portal app Well, I really wanted to see the updated Hardening Guide available on that  platform. That presented a challenge. For most customers, the format of releasing it as an Excel spreadsheet meets their need but have you looked at a spreadsheet on an iPad? Not a pretty sight.

Continue reading

vSphere 5.1 Hardening Guide – Official Release

Hi,

I’m pleased to announce to availability of the official release of the vSphere 5.1 Hardening Guide. The guide is being released as an Excel spreadsheet only. This guide follows the same format as the 5.0 guide.

All reference and documentation URL’s and code samples have been updated for 5.1. The guide is available here

The permanent home will be here soon: http://vmware.com/go/securityguides

Also available is a separate document containing the Change Log for the guide. The Change Log is available here

Thanks to everyone who contributed feedback on the Public Drafts and also the team at VMware for their outstanding work in making this guide possible.

mike

vSphere 5.1 Hardening Guide Release Candidate now available

I would like to announce the release of the Rev B/Release Candidate for the vSphere 5.1 Security Hardening Guide.  This guide should be functionally complete and has been posted for your review and your feedback.

We’d love to hear your feedback, good and bad, on the contents of the guide. I would encourage you to post your reply in the Security and Compliance Communities forum but if you have more sensitive concerns, send it to me at mfoley@vmware.com. The intent is to publish the final GA copy in two weeks with any changes/updates incorporated so get your inputs in as soon as possible!

The vSphere 5.1 Security Hardening Guide has been posted to the VMware Communities in the “Security and Compliance” area, in the Documents tab. A separate Change Log document has also been published with the RC Guide.

Thanks to everyone who provided feedback on the Rev A Draft, and also to the team at VMware who contributed to this guide in many significant ways.

Thanks,
mike foley

vSphere 5.1 Hardening Guide **DRAFT** now available

Hello? Is this thing on?

A brief intro for those that don’t know me and my new role. My name is Mike Foley. I’m a Sr. Technical Marketing Manager, working for Charu Chaubal in VMware’s Technical Marketing group. My primary role is that of technical marketing support for security of the core vSphere platform. I come from RSA, where I was their virtualization evangelist/go-to guy for many years. My personal blog is at http://yelof.com and I’m on Twitter as @mikefoley.

I would like to announce the **draft** release of the vSphere 5.1 Security Hardening Guide.  This initial draft release has taken the 5.0 guide and updated it for 5.1. What it does NOT contain at this time is a complete review of functionality around the new 5.1 SSO capabilities. We are working on those parts and hope to have an updated draft very soon.

We’d love to hear your feedback, good and bad, on the contents of the guide. I would encourage you to post your reply in the Security and Compliance Communities forum but if you have more sensitive concerns, send it to me at mfoley@vmware.com.

The vSphere 5.1 Security Hardening Guide has been posted to the VMware Communities in the “Security and Compliance” area, in the Documents tab.  Thanks to everyone who provided feedback on the Public Draft, and also to the team at VMware who contributed to this guide in many significant ways.

Thanks,
mike foley