Home > Blogs > VMware Security & Compliance Blog > Tag Archives: vCOPS

Tag Archives: vCOPS

VMware CP&C releases Major Updates to DISA STIG Windows Compliance toolkit in VCM!

CPC Logo

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the updated DISA STIG compliance toolkit for Windows based environments in VMware vCenter Configuration Manager (VCM), a key component in the VMware vRealize Operations (vR Ops). This is a major update release to prior released DISA Compliance Toolkits for Windows based environments. The compliance toolkit product data sheet can be found here.

This toolkit contains below DISA STIGs:

  • Windows Server 2012 / R2 – DC and MS – STIG Version V1R4
  • Windows Server 2008 R2 – DC and MS – STIG Version V1R12
  • Windows Server 2008 – DC and MS – STIG Version V6R1.26
  • Windows Server 2003 / R2 – DC and MS – STIG Version V6R1.33
  • Windows 7 – STIG Version V1R16
  • Windows 8 / 8.1 – STIG Version V1R6

DC = Domain Controllers
MS = Member Servers
Continue reading

Ensure DISA Certificate Compliance using VCM

CPC LogoToday, I show you how you can ensure you comply to DISA mandates to have DoD certificates on each Microsoft Windows machine using VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops).

For this example, DISA STIG for Windows 8 / 8.1 Version: 1  Release: 6 released on 25 Jul 2014 is taken.

Below are the DISA requirements for certificates:

  • WN08-PK-000001 – The DoD Root Certificate must be installed into the Trusted Root Store
  • WN08-PK-000002 – The External CA Root Certificate must be installed into the Trusted Root Store
  • WN08-PK-000003 – The DoD Interoperability Root CA 1 to DoD Root CA 2 cross certificate must be installed into the Untrusted Certificates Store
  • WN08-PK-000004 – The US DoD CCEB Interoperability Root CA 1 to DoD Root CA 2 cross-certificate must be installed into the Untrusted Certificates Store

Continue reading

VMware CP&C releases PCI DSS 3.0 Compliance toolkit for Virtual Environments in VCM!

CPC LogoThe VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Virtual Environment in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.

PCI DSS 3.0 comes into effect from January 1, 2014. We churned it pretty quickly and now have the PCI DSS 3.0 compliance toolkits available for below VMware vSphere based virtual environments:

VMware vSphere 5.0
VMware vSphere 5.1
VMware vSphere 5.5

Continue reading

VMware CP&C releases a FREE vSphere 5.0 hardening guideline compliance checker!

I am hanging out in NYC finishing Cloud Expo East where we delivered a rousing session on Cloud Audit & Control with Coalfire AND CP&C is now VERY pleased to announce the release of our FREE vSphere 5.0 compliance checker! Last week we rolled out the 5.0 hardening guidelines in vCenter Configuration Manager (vCM) making it the first product on the planet to have the 5.0 content for our customers. Today, we are giving you access to a FREE vSphere 5.0 compliance checker! How awesome is that?

It is so easy to download and use that you can run it while watching Euro Cup with the sound of GOOOOOOAAAAAALLLLLLLLL!!!!!!!!!! In the background!

 Here is how the vSphere 5.0 Compliance Checker works: 

  • The Compliance Checker runs an assessment on 5 host systems at a time! (The 1st five being managed by an instance of vCenter Server)

 

  • The assessment is based on a predefined subset of the 5.0 Hardening Guidelines Content that currently exist today in vCenter Configuration Manager (vCM) Part of the vCenter Operations Manager Suite (vCo Ps)

 

  • The results for each host includes the rules, the rule descriptions, and the success or failure of each rule

 

 Check out the following results report from the vSphere 5 Checker

ComplianceReport

All you have to do is authenticate into the vCenter box that you want to assess hosts on.

VSphereCC

The VMware Center for Policy & Compliance FREE Checkers are sweeter than bacon and designed to get you hooked & come back for more! 

Here is the link so you can get started hardening your vSphere Environment today. (Remember, we have FREE checkers for vSphere 4.0 & 4.1 AND for PCI 2.0 Windows & Linux)

http://www.vmware.com/go/free-compliance-check-for-vsphere

Next, look for CP&C to release a HIPAA Checker that will be hotter than the Miami HEAT!

Now this poses a few questions and we would love to get your feedback: 

1. Are free tools like this helpful?

2. How do you currently lock down your vSphere environment?

3. Would remediation of the non-compliance results be a good next step?

4. Do you care about regulatory compliance & vendor best practices? If so, which ones? (PCI, HIPAA, DISA, CIS…) 

Jump in the discussion on any of our social media channels – blogs, Twitter, Facebook, or community forum: 

 

Cambio y Fuera!

George Gerchow – Director, VMware Center for Policy & Compliance