Security

vmx.reboot.PowerCycle Makes CPU Vulnerability Remediation Easy

Bob Plankers posted October 8th, 2019

The biggest issue with remediating CPU vulnerabilities in a virtual environment is that, in most cases, the virtual machines must be power cycled. Not just rebooted but powered off and then back on. To help our customers get this done easily VMware has added the vmx.reboot.PowerCycle advanced parameter to vSphere which automates this process. Why Read more...

National Cybersecurity Awareness Month 2019

Bob Plankers posted October 3rd, 2019

It’s October so in the US it’s officially National Cybersecurity Awareness Month. As the US CERT website states, “National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more Read more...

Microsoft Windows Server 2019 STIG & VMware vSphere

Bob Plankers posted September 3rd, 2019

Many of our security-conscious readers are familiar with DISA STIGs, the Security Technical Information Guides that the US Defense Information Systems Agency (DISA) publishes. These guides are wonderful in that they bridge the gap between compliance frameworks and infrastructure implementations. Compliance frameworks rarely specify what to do on & to an operating system to be Read more...

VMware AppDefense Breaks Down Silos in Latest Release

Tom Corn, SVP/GM Security Products, VMware posted August 27th, 2019

It’s an exciting time for the VMware AppDefense team. We are making tremendous progress in our mission to help secure our customers’ data centers, and today we have great news to share. First, I’m proud to announce that we have released new functionality in VMware AppDefense that significantly breaks down the silos that exist between Read more...

Security is a Team Sport

Bob Plankers posted August 22nd, 2019

There’s a growing idea in the greater VMware community that the role of the Virtualization Infrastructure Administrator (VI Admin) is changing. If you’ve been to a VMware User Group conference recently you will have seen & heard talks on this, how VI Admins are being asked to do new things and being offered opportunities outside of Read more...

vSphere Security at Security Field Day 2

Bob Plankers posted June 25th, 2019

VMware was proud to continue our decade-long relationship with Tech Field Day by hosting the delegates of Security Field Day 2 (#XFD2) on June 20, 2019, sharing with them both the overall strategy for security in VMware products as well as very specific technical discussions around vSphere, vSphere Platinum, VMware AppDefense, and VMware WorkspaceOne. There Read more...

vSphere Compliance: Common Criteria, NIST 800-53, and DISA STIG

Bob Plankers posted June 21st, 2019

Security is a hot topic everywhere in IT, but right behind it is its cousin, compliance. VMware vSphere is a great platform for organizations that have regulatory compliance needs. Hundreds of time-saving, easy-to-use, and flexible features in vSphere align closely with compliance frameworks, and VMware provides guidance on how to configure these features to meet Read more...

Security Issue with VMware Tools: VMSA-2019-0009

Kev Johnson posted June 10th, 2019

Vulnerability Summary Customers should be aware of an important issue with VMware Tools where a non-privileged user on a Windows VM could read information or cause problems in a VM running VMware Tools lower than 10.3.10. The official designation from VMware is VMSA-2019-0009 on the VMware Security Advisories page and mailing list. This vulnerability is Read more...

10 Things To Know About vSphere Certificate Management

Bob Plankers posted June 4th, 2019

With security and compliance on the minds of IT staff everywhere, vSphere certificate management is a huge topic. Decisions made can seriously affect the effort it takes to support a vSphere deployment, and often create vigorous discussions between CISO and information security staff, virtualization admins, and enterprise PKI/certificate authority admins. Here are ten things that Read more...

Virtualization-Based Security Issues with Windows 1903/19H1 Releases

Bob Plankers posted May 20th, 2019

Update (07/01/2019): This issue has been resolved in recent updates to Microsoft’s operating systems. Microsoft KB4497935 contains information on how to get this patch, but in short, it is available through normal cumulative Windows Updates. —— Users of Virtualization-Based Security or the virtual I/O MMU features in vSphere should take note of a serious issue that Read more...

VMware vSphere Blog