The Why’s and How’s of ESX patching

posted

From the new VMware Security Blog, Nand Mulchandani responds to the article by Ron Oglesby and Dan Pianfetti at virtualization.info about the number of patches that VMware has released for VI3. Link: VMware Security Blog > ESX patching questions. Recently there was an article on “Patch Tuesday for VMware” over at Virtualization.info. It is an Read more...

Virtualization Security Guidelines

posted

Link: Virtualization Security Guidelines – blog.scottlowe.org The Center for Internet Security (CIS) has released some security benchmarks for VMware ESX Server 3.0.x.  The ESX security benchmark joins recommendations and guidelines for Windows 2000, Windows XP, Windows Server 2003, Red Hat Linux, and Mac OS X that are also available from the CIS.  The CIS has Read more...

Security Virtualization myths dispelled?

posted

Link: Security Virtualization myths dispelled? | Virtual Scoop. In an article titled VMware dispels virtualization myths, Bridget Botelho  wrote: "One significant issue with virtual machine security is with virtual switch isolation," said Burton Group’s Wolf."The current all-or-nothing approach to making a virtual switch ‘promiscuous’ in order to connect it to an IDS/IPS is not favorable Read more...

VMware partnering using security APIs

posted

Link: VMware shares secrets in security drive | CNET News.com. VMware has traditionally restricted access to its hypervisor code and, while the vendor has made no official announcement about the API sharing program tentatively called "Vsafe," VMware founder and chief scientist Mendel Rosenblum said that the company has started sharing some APIs (application program interfaces) Read more...