vSphere Platinum Shield

vmx.reboot.PowerCycle Makes CPU Vulnerability Remediation Easy

posted

The biggest issue with remediating CPU vulnerabilities in a virtual environment is that, in most cases, the virtual machines must be power cycled. Not just rebooted but powered off and then back on. To help our customers get this done easily VMware has added the vmx.reboot.PowerCycle advanced parameter to vSphere which automates this process. Why Read more...
vSphere Platinum Shield

National Cybersecurity Awareness Month 2019

posted

It’s October so in the US it’s officially National Cybersecurity Awareness Month. As the US CERT website states, “National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more Read more...
vSphere Platinum Shield

Microsoft Windows Server 2019 STIG & VMware vSphere

posted

Many of our security-conscious readers are familiar with DISA STIGs, the Security Technical Information Guides that the US Defense Information Systems Agency (DISA) publishes. These guides are wonderful in that they bridge the gap between compliance frameworks and infrastructure implementations. Compliance frameworks rarely specify what to do on & to an operating system to be Read more...
vSphere Platinum Shield

Security is a Team Sport

posted

There’s a growing idea in the greater VMware community that the role of the Virtualization Infrastructure Administrator (VI Admin) is changing. If you’ve been to a VMware User Group conference recently you will have seen & heard talks on this, how VI Admins are being asked to do new things and being offered opportunities outside of Read more...
vSphere Platinum Shield

vSphere Security at Security Field Day 2

posted

VMware was proud to continue our decade-long relationship with Tech Field Day by hosting the delegates of Security Field Day 2 (#XFD2) on June 20, 2019, sharing with them both the overall strategy for security in VMware products as well as very specific technical discussions around vSphere, vSphere Platinum, VMware AppDefense, and VMware WorkspaceOne. There Read more...
vSphere Platinum Shield

vSphere Compliance: Common Criteria, NIST 800-53, and DISA STIG

posted

Security is a hot topic everywhere in IT, but right behind it is its cousin, compliance. VMware vSphere is a great platform for organizations that have regulatory compliance needs. Hundreds of time-saving, easy-to-use, and flexible features in vSphere align closely with compliance frameworks, and VMware provides guidance on how to configure these features to meet Read more...
VMware Tools

Security Issue with VMware Tools: VMSA-2019-0009

posted

Vulnerability Summary Customers should be aware of an important issue with VMware Tools where a non-privileged user on a Windows VM could read information or cause problems in a VM running VMware Tools lower than 10.3.10. The official designation from VMware is VMSA-2019-0009 on the VMware Security Advisories page and mailing list. This vulnerability is Read more...
vSphere Platinum Shield

10 Things To Know About vSphere Certificate Management

posted

With security and compliance on the minds of IT staff everywhere, vSphere certificate management is a huge topic. Decisions made can seriously affect the effort it takes to support a vSphere deployment, and often create vigorous discussions between CISO and information security staff, virtualization admins, and enterprise PKI/certificate authority admins. Here are ten things that Read more...
vSphere Platinum Shield

Virtualization-Based Security Issues with Windows 1903/19H1 Releases

posted

Update (07/01/2019): This issue has been resolved in recent updates to Microsoft’s operating systems. Microsoft KB4497935 contains information on how to get this patch, but in short, it is available through normal cumulative Windows Updates. —— Users of Virtualization-Based Security or the virtual I/O MMU features in vSphere should take note of a serious issue that Read more...