Author Archives: Pravin Goyal

Pravin Goyal

About Pravin Goyal

Pravin Goyal is an information security and regulatory compliance expert in CMBU. He delivers and also leads various security projects such as security and compliance policies for PCI DSS 3.1, HIPAA, IRS, DISA, CIS, vSphere hardening guides and NSX hardening guides He loves to keep abreast of latest developments in the field and find compelling ideas to bring some additional business and profitability to VMware. Additionally, he believes in collaborating across BUs and Companies to deliver customer-facing solutions. Off late, he has authored CIS Docker 1.6 and CIS Docker 1.11.0 Security Configuration Benchmark, NSX-v 6.1 hardening guide and is a co-author of vSphere hardening guide. He is leading the STIG compliance project from CMBU. https://www.linkedin.com/in/pravin-goyal-b7299b33

VMware CP&C releases Major Updates to DISA STIG *NIX Compliance toolkit in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for UNIX and Linux based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops). This is a major update release to prior released DISA Compliance Toolkits for UNIX and Linux based environments. The compliance toolkit product data sheet can be found here.

This toolkit contains below DISA STIGs:

  • DISA AIX 6.1 V1R2
  • DISA HP-UX V1R4
  • DISA RH-5 V1R6
  • DISA RH-6 V1R3
  • DISA Solaris 10 V1R6

Continue reading

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for Windows Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Windows Environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. PCI DSS 3.0 compliance toolkit for VMware vSphere based virtual environment and PCI DSS 3.0 Compliance toolkit for *NIX based environments were released earlier this year.

PCI DSS 3.0 compliance Windows toolkits are available for below environments:

Windows Server 2003 (DC and MS)
Windows Server 2003 R2 (DC and MS)
Windows Server 2008 (DC and MS)
Windows Server 2008 R2 (DC and MS)
Windows Server 2012 (DC and MS)
Windows Server 2012 R2 (DC and MS)
Windows 7
Windows 8
Windows 8.1

*Legends*
DC = Domain Controller
MS = Member Server

You can download the packages using Compliance Content Wizard tool in VCM or from VMware solution exchange and begin to use them.

Keep in mind that VCM manages not only virtual environments, but covers physical as well. It is the market leader in Configuration Audit, Change Detection, Patch Management and COMPLIANCE content. With new additions such as Scripted Remediation Framework, high level of OS patch automation with auto deploy functionality, Easy install and setup, SCAP based compliance and a new look and feel, it is better than ever before!

Come, join the journey to Start Green Stay Green!

Thanks and regards,
Pravin Goyal,
RHCE | HP-UX CSA | VCP4-DCV | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for *NIX Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for UNIX and Linux Environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. PCI DSS 3.0 compliance toolkit for VMware vSphere based virtual environment was released earlier this month.

Continue reading

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for Virtual Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Virtual Environment in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. We churned it pretty quickly and now have the PCI DSS 3.0 compliance toolkits available for below VMware vSphere based virtual environments:

VMware vSphere 5.0
VMware vSphere 5.1
VMware vSphere 5.5

Continue reading

VMware CP&C releases vSphere 5.5 Compliance Checker!

VMware Center for Policy and Compliance (CP&C) team is pleased to announce the general availability of VMware vSphere 5.5 Compliance Checker – an excellent FREE tool to get you started with compliance assessment of your virtual infrastructure with respect to vSphere 5.5 hardening guide.

The tool can be downloaded here.

You can use this tool for vSphere 5.0, 5.1 and 5.5.

While these simple Compliance Checkers provide some basic functionality and benefits, VMware also offers VMware vCenter Configuration Manager, which automates configuration and compliance management across your virtual, physical and cloud environments, assessing them for operational and security compliance. It comes with capabilities such as compliance management, change management, patch management, software inventory management and other useful features.

vCenter Configuration Manager is a component of VMware vCenter Operations Management Suite, which helps you manage the performance, capacity and configuration of your virtual and physical infrastructure.

So, what are you waiting for? Grab these checkers quickly and roll on the compliance!

Come, join the journey to Start Green Stay Green!

Thanks and regards,
Pravin Goyal
RHCE | HP-UX CSA | VCP | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F

VMware CP&C releases DISA and vSphere 5.1 Compliance Checkers!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of The Defense Information Systems Agency (DISA) Compliance Checker for Linux Server and Windows Server platforms.

It is also exciting to inform that VMware vSphere 5.1 Compliance Checker is also live!

Catch all the action here

So, what are you waiting for? Grab these checkers quickly and roll on the compliance!

Come, join the journey to Start Green Stay Green!

Thanks and regards,
Pravin Goyal
RHCE | HP-UX CSA | VCP | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F

VMware CP&C releases DISA vSphere 5.0 Compliance toolkit for VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of The Defense Information Systems Agency (DISA) VMware vSphere 5.0 compliance toolkit for VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). The benchmark availability announcement was made on 09-Aug-2013 and we churned it pretty quickly!

 

Continue reading

VMware CP&C releases NERC Unix Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of The North American Electric Reliability Corporation (NERC) UNIX compliance toolkit in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). The toolkit is aligned with CIP version 4 for Cyber Security.

 

 

  • Rules mapped to CIP section nos. for easy traceability
  • Rules for AIX, HP-UX, Solaris, RHEL 5 and RHEL 6
  • 4 collection filter sets containing 92 collection filters totally
  • 5 Rule Groups and 6 Templates containing 413 rules in total
  • A great new dashboard

You can download the packages using VCM Content Wizard and begin to use it.

Continue reading

VMware CP&C releases VMware vSphere 5.1 Hardening Guide Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce, the most awaited and anticipated content of the year, the release of VMware vSphere 5.1 Hardening Guide Compliance toolkit in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite. (vC Ops). As a critical component of the vC Ops suite, VCM is the FIRST product in the market today to have the official GA version of the vSphere 5.1 Hardening Guidelines.

 

 

The package comes in 4 versions:

  • Full – Has all recommendations present in the hardening guide
  • Profile 1 – Has only Profile 1 recommendations
  • Profile 2 – Has only Profile 2 recommendations
  • Profile 3 – Has only Profile 3 recommendations

Continue reading

CIS and DISA CP&C toolkit update

Hi All,

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of latest Center for Internet Security (CIS) and Defense Information Security Agency (DISA) Compliance toolkit packages for VMware vCenter Configuration Manager (VCM).

The highlights of this release are as below:

  1. CIS has new content for
    • AIX 5.3-6.1 and
    • RHEL 6
  2. DISA has new content for
    • HP-UX 11.23 and 11.31
    • Solaris 10
    • AIX 6.1 and
    • RHEL 5

Continue reading