Recent Posts

encryption faq browser

vSphere 6.5 Encryption FAQ now available

posted

I’m really pleased to announce the availability of the vSphere 6.5 VM and vSAN Encryption FAQ! This FAQ is built upon over a year of questions that have come in to me on both VM and vSAN Encryption. We’ve reached critical mass and now it’s time to share! Read more...

Using the vCenter Login Banner for RSA SecurID support

posted

In vSphere 6.0 Update 2 we added the capability to use RSA SecurID for two-factor authentication (2FA) in to the web client (only). I wrote about that in a two part blog series. Part 1 and Part 2 I recently got an email from a customer asking me about the implementation of the RSA SecurID Read more...

Secure By Default – VM.disable-unexposed-features

posted

I’m super happy to announce that we are showing more progress in our quest for “Secure By Default” for ESXi and vCenter Server. This latest update is one that is near and dear to many of you who live and breath by the Hardening Guide (now called the Security Configuration Guide in 6.5) and its Read more...

Secure Boot for ESXi 6.5 – Hypervisor Assurance

posted

I’ve talked about how vSphere has been moving towards a “secure by default” stance over the past few years. This can clearly be seen in the new vSphere 6.5 Security Configuration Guide where the number of  “hardening” steps are growing smaller with every release. In this blog post we will go over another “secure by Read more...

vSphere 6.5 Security Configuration Guide now available

posted

Announcing the GA release of the vSphere Security Configuration Guide!   Rename As I mentioned in my previous blog post where I announced the availability of the Security Configuration Guide (SCG) Release Candidate, the term “Hardening Guide” will no longer be used starting with vSphere 6.5.  Only an increasingly small subset of the settings are Read more...
TLS Reconfigurator

vSphere and TLS 1.2

posted

I traditionally don’t write much about compliance. I’ve been very focused on security. But some might ask “Aren’t they the same thing?”  My answer is unequivocally “No” but remember, this is my opinion and in the world of security, we are all entitled to our opinion, right? Security vs. Compliance Security is a practice. It’s Read more...
vSphere 6.5 PWT launch

vSphere 6.5 Security Product Walkthroughs

posted

Are you aware of the VMware Product Walkthrough site? If not, you’re missing out on some really great content. A product walkthrough is a guided “tour” of many of VMware’s products. They are helpful when you want to do a dry run of a task, like encrypting a VM for example, so that you can Read more...

PowerCLI for VM Encryption

posted

Hi everyone, I’m happy (ok, beyond happy!) to announce that our VM Encryption engineering team has released a PowerCLI module for VM Encryption! In case you weren’t aware, there’s a Github repository of VMware PowerShell modules. Check them out! Included in there is the new PowerCLI Module for VM Encryption. It’s chock full of lots Read more...