Recent Posts

VMworld 2018 vSphere Security Sessions

It’s that time of year again! The time when we all pack our comfortable shoes and head to Las Vegas for VMworld! As we are all dealing with the seemingly ever-increasing IT security issues that plague our industry, VMware is there to help you make sense of it and deal with it in as easy Read more...

Configuring TPM 2.0 on a 6.7 ESXi host

In a previous blog post I went over the details on how ESXi uses a TPM 2.0 chip to provide assurance that Secure Boot did its job and how that “attestation” rolls up to vCenter to be reported on. In this blog article I’m going to go over some of the steps necessary to configure the Read more...

Prepping an ESXi 6.7 host for Secure Boot

When 6.7 went “GA” or General Availability, I was excited to get it installed and running on my bare metal hosts in my lab here at VMware. I had gotten my Dell R630s updated with TPM 2.0 chips and was looking forward to booting with “attested” hosts. But I had a few issues before I Read more...

vSphere 6.7 Security – Media Resources

As our vSphere 6.7 Security Week comes to a close I’d like to leave you with some more content. In this blog I’ll share with you a number of videos, walkthroughs and a podcast on all the 6.7 security features that have been covered so far. Read more...

vSphere 6.7 – Security FAQ’s now available

All too frequently the same questions keep coming up after new features are released. With vSphere 6.7 that has not changed. The interest in the security features started some time ago when I would present to customers under an NDA. Back in October of 2017 I released an FAQ page on vSphere Central on VM Read more...

vSphere 6.7 – Virtual Trusted Platform Modules

As security becomes a bigger and bigger “thing”, requirements for virtualized hardware to support features in guest operating systems are rising. With vSphere 6.7 we have released a comprehensive list of virtual hardware support for features required by Windows 10 and Windows 2016. In a previous blog we covered support for Virtualization Based Security (VBS) Read more...

Introducing support for Virtualization Based Security and Credential Guard in vSphere 6.7

Microsoft virtualization-based security, also known as “VBS”, is a feature of the Windows 10 and Windows Server 2016 operating systems. It uses hardware and software virtualization to enhance Windows system security by creating an isolated, hypervisor-restricted, specialized subsystem. Starting with vSphere 6.7, you can now enable Microsoft VBS on supported Windows guest operating systems. You Read more...

vSphere 6.7 – ESXi and TPM 2.0

With vSphere 6.7 I’m happy to announce the support of TPM 2.0! This blog will go into detail on how we are leveraging the TPM 2.0 chip found on most modern servers. I’ll also clarify some misconceptions and try to put into context what pieces are doing what during the boot of ESXi 6.7. First, Read more...

Introducing vSphere 6.7 Security

I’m really excited to share with you all of the new security features available now in vSphere 6.7! The goals of security in 6.7 are twofold. Introduce more “easy to use” security features and “meet requirements set by customers’ IT and Security teams”. With vSphere 6.7 we have achieved both goals. Let’s dive into some Read more...