Category: Virtuallization
-
Security Threat | vSphere Data Protection – Remote code execution vulnerability
VMware Security Advisory Advisory ID: VMSA-2018-0029 Severity: Critical Synopsis: vSphere Data Protection (VDP) updates address multiple security issues. Issue date: 2018-11-20 Updated on: 2018-11-20 (Initial Advisory) CVE number: CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077 Summary vSphere Data Protection (VDP) updates address multiple security issues. Relevant Products vSphere Data Protection (VDP). VDP is based on…
-
Security Threat | vmware VMXNET3 network adapter
VMware has released a security advisory last Friday about a vulnerability in VMXNET3 network adapter .. Read the announcement for more details and the required patch to resolve the issue. VMware Security Advisory Advisory ID: VMSA-2018-0027 Severity: Critical Synopsis: VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage Issue date: 2018-11-09…
-
VMware Security Hardening Guides
VMware provides comprehensive security hardening guides for its products, these guides covers a lot of points that may make your environment vulnerable. Security Hardening Guides provide prescriptive guidance for customers on how to deploy and operate VMware products in a secure manner. Guides for vSphere are provided in an easy to consume spreadsheet format, with…
-
VMware SDDC Design Guide
Use VMware Validated Designs to build a Software-Defined Data Center that is based on management components by VMware, and has a scalable and best-practice configuration Intended Audience Introducing VMware Validated Design for Software-Defined Data Center is intended for cloud architects, infrastructure administrators, cloud administrators and cloud operators who want to get familiar with VMware Validated…
-
Securing ESXi with Lock-down mode | Step-by-Step
Leveraging lock-down feature adds more security to ESXi hosts, as well as the whole vSphere environment by stricting the direct access (DCUI, ESXi web client, SSH), which reduces the chances of your hosts being compromised. vCenter server will be the main management console for ESXi hosts. With the “Exception Users” list, you can specify the…
-
Encrypting vSphere VM | step-by-step
Virtual machine encryption is a new feature in vSphere 6.5 (and later editions); vSphere increases and hardens the security of the VM by encrypting its virtual disks. You could apply this to all vdisks, or select the ones you need to be encrypted. The requirements for achieving this approach: vSphere 6.5 or later. KMS (Key…
-
Security Threat in VMware vSphere/Workstation – CVE-2018-6977
Problem Description Denial-of-service vulnerability in 3D-acceleration feature VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the…
-
VEMBU | Backup & Recovery Solution for Virtual Workloads
VEMBU | Backup & Recovery Solution for Virtual Workloads From 2002, Vembu has been delivering simplified backup solutions through its portfolio of products. Their flagship offering – Vembu BDR Suite addresses various backup, recovery, replication, and DR needs of IT environment. Have a glimpse of the Vembu BDR Suite of Products categorized based on different…
-
Fix OVA/OVF invalid certificate issue
You may have a OVA or OVF package to deploy, but you can;t because of the following error with the image certificate: The OVF package is signed with an invalid certificate But no worries, it’s gonna be easy to fix by repackaging the image with ignoring the invalid certificate. Just follow these steps: Download and…
-
How to roll-back ESXi to a previous state/version?
You may sometimes need to revert the ESXi back to a previous, stable state in case that the installed patches have caused problems and instability. It’s very simple, just follow these steps: 1- connect to the host direct console either vial direct KVM, or remote KVM. 2- reboot the server with the method that suits…