Recent Posts

Two Factor Authentication for vSphere – RSA SecurID – Part 2

posted

Introduction In Part 1 of Two Factor Authentication for vSphere – RSA SecurID, we configured RSA Authentication Manager to get it ready for adding the PSC as an Authentication Manager agent. In this post, we’ll configure the Platform Services Controller (PSC) itself by uploading the sdconf.rec file and running the appropriate CLI commands to enable Read more...

Two Factor Authentication for vSphere – RSA SecurID – Part 1

posted

Introduction This is Part 1 of a 2 part blog series. In this post we’ll talk about setting up RSA SecurID Authentication Manager, some architectural assumptions and what you’ll need to take with you to Part 2. Two Factor Authentication Two factor authentication (2FA) has become ubiquitous nowadays. For those of you still in the Read more...

Making Security Easier – An ESXi Fling for US Federal Customers

posted

Running systems in the US Federal Government presents its own unique challenges. From specific system login requirements (CAC/PIV smart cards) to specific regulations like DISA STIG’s, managing systems in this environment comes with a healthy dose of security. Today we’re taking a small step towards making that easier with the introduction of a VMware Fling Read more...

SDDC Security Operations class from VMware Education

posted

Hey everyone! I know, it’s been a while since I blogged. It’s been an insanely busy time here at VMware, especially for vSphere security. VMworld US and Europe vSphere security sessions were very popular! And since then, I’ve been traveling a whole bunch, meeting customers and talking about security operations. A recurring ask has been Read more...

vCenter Server 6.0 Update 1 Single Sign On and SSLv3

posted

Hi, vSphere 6.0 Update 1 is out and there’s lots of great updates. One that I think many will be interested in is SSLv3 as it relates to Single Sign-On. From the Update 1 Release Notes SSLv3 protocol disabled by default on port 7444 in vCenter Server 6.0 Update When you install vCenter Server 6.0 Read more...

Recommended vSphere-focused Security Sessions at VMworld 2015

posted

Hi everyone, Here’s a quick blog post for you as you’re going through the VMworld Schedule Builder for VMworld 2015. Below is a list of security sessions that are primarily focused on vSphere Security. The NSX guys have a whole other laundry list of awesome sessions but for now, we’re going to focus on vSphere. Read more...

Custom certificate on the outside, VMware CA (VMCA) on the inside – Replacing vCenter 6.0’s SSL Certificate

posted

[UPDATE] So far, this blog has been one of my most popular here on the vSphere blog. Since publishing this over 18 months ago we have learned quite a bit about the different requirements and considerations customers are under. This “Hybrid Mode” of certificate configuration, where you replace the externally facing reverse proxy certificate and Read more...