Recent Posts

Making Security Easier – An ESXi Fling for US Federal Customers

posted

Running systems in the US Federal Government presents its own unique challenges. From specific system login requirements (CAC/PIV smart cards) to specific regulations like DISA STIG’s, managing systems in this environment comes with a healthy dose of security. Today we’re taking a small step towards making that easier with the introduction of a VMware Fling Read more...

SDDC Security Operations class from VMware Education

posted

Hey everyone! I know, it’s been a while since I blogged. It’s been an insanely busy time here at VMware, especially for vSphere security. VMworld US and Europe vSphere security sessions were very popular! And since then, I’ve been traveling a whole bunch, meeting customers and talking about security operations. A recurring ask has been Read more...

vCenter Server 6.0 Update 1 Single Sign On and SSLv3

posted

Hi, vSphere 6.0 Update 1 is out and there’s lots of great updates. One that I think many will be interested in is SSLv3 as it relates to Single Sign-On. From the Update 1 Release Notes SSLv3 protocol disabled by default on port 7444 in vCenter Server 6.0 Update When you install vCenter Server 6.0 Read more...

Recommended vSphere-focused Security Sessions at VMworld 2015

posted

Hi everyone, Here’s a quick blog post for you as you’re going through the VMworld Schedule Builder for VMworld 2015. Below is a list of security sessions that are primarily focused on vSphere Security. The NSX guys have a whole other laundry list of awesome sessions but for now, we’re going to focus on vSphere. Read more...

Custom certificate on the outside, VMware CA (VMCA) on the inside – Replacing vCenter 6.0’s SSL Certificate

posted

[UPDATE] So far, this blog has been one of my most popular here on the vSphere blog. Since publishing this over 18 months ago we have learned quite a bit about the different requirements and considerations customers are under. This “Hybrid Mode” of certificate configuration, where you replace the externally facing reverse proxy certificate and Read more...

vSphere 6 Hardening Guide GA now Available

posted

It’s time to release the vSphere 6.0 Hardening Guide! As I mentioned back in April, there are a lot of changes that have been made. In talking with customers and auditors in detail for the past year, the conclusion was reached that the Hardening Guide was Difficult to understand Contained a mix of Operational Guidance Read more...

vSphere 6 Security Update

posted

Recently I was asked by the vBrownbag community to present on vSphere 6 security. vBrownbag is a community-lead podcast series that features online webinars covering various Virtualization and VMware Certification topics, all led by members of the community. It’s an outstanding resource if you are looking to achieve certification or are just in the mood Read more...

vSphere Hardening Guide 6.0 Public Beta 1 available

posted

  I’m happy to announce that the vSphere 6 Hardening Guide Public Beta 1 is now available. The guide is being provided as Excel spreadsheet. I’m also making a PDF doc available for easier viewing. In addition,  I’ve also included an Excel spreadsheet of the guidelines that have moved out of the guide and into Read more...