Husband, Dad, Geek & Senior Technical Marketing Architect for vSphere Security
Mike Foley
Author's posts
Jun 15
vSphere Hardening Guide GA now available
It’s time to release the vSphere 6.0 Hardening Guide! As I mentioned back in April, there are a lot of changes that have been made. In talking with customers and auditors in detail for the past year, the conclusion was reached that the Hardening Guide was
- Difficult to understand
- Contained a mix of
- Operational Guidance – How you use the product in your environment
- Programmatic Guidance – What settings should be applied OR audited
Basically, it was NOT easy to implement. And if security is too difficult to implement, people will either not do it or will do it poorly.
Apr 30
vSphere 6 Security Update
Recently I was asked by the vBrownbag community to present on vSphere 6 security. vBrownbag is a community-lead podcast series that features online webinars covering various Virtualization and VMware Certification topics, all led by members of the community. It’s an outstanding resource if you are looking to achieve certification or are just in the mood to learn. Read on to see how this webinar went and view for yourself.
Mar 27
vSphere 6.0 Lockdown Mode Exception Users
In vSphere 6.0 we now have a new concept called Exception Users. The intent of Exception Users is that they are not general admin users. I would consider them more of a “Service Account” type of access.
As a matter of fact, just the other day I got an email from someone internal at VMware that brought up a great use case for Exception Users. They were talking to a customer that wanted to access ESXi via a PowerCLI cmdlet (Get-VMHostAccount) to list out the local accounts on an ESXi server as part of their normal security reporting.
But they also wanted to enable Lockdown Mode and were finding it difficult to comply with both things. In vSphere 6.0 this is now much easier to address. Let’s get started.