Browsing Posts in vSecurity

Recent VMware security bug (VMSA-2017-0006) is related to one of the worst possible security issue in a virtualization environment: a possible “guest escape” vulnerability that allows arbitrary code execution on a host system from the guest system. It’s not the first time of a similar risk (see, for example, Microsoft Edge used to escape VMware Workstation at Pwn2Own 2017) but this kind of issue is a different risk level if it affect Worksation (so “just” a client environment) or a ESXi (potentially a datacenter environment).

As announced some months ago, the Dell Software division has been sold to Francisco Partners and Elliot Management. This division include Dell SonicWall (from the acquisition of more than 4 years ago), but also Quest (from another acquisition) and several other brands. Now it’s clear that SonicWall brand reborns as a stand-alone company: SonicWall announced the launch of independent operations that it’s good for a security company (better to be as independed as possible). Bill Conner is new President and CEO of this company. He hs spent bulk of his career in the cybersecurity industry, […]

One issue about VMware NSX it that it does not exist an evaluation or a trial code in order to study and test it. This because the code is still on a Nicira web site and is much more restricted compared to other VMware code. Also VMware partner may be not entitled to download it, unless they don’t have the NSX competency. Individual can got an access only through one of the NSX official course: I’ve take the ICM on NSX 6.0 and the access on Nicira web site was granted me at the end […]

As described in the  release notes, one of the new features of View5 is the certificate check from the View Client (similar as the certificate check of the vSphere Client): Updated client certificate checking for View clients – View clients now follow the well-known browser model for handling certificates, displaying errors detected in the certificate presented by View Connection Server, or in the certificate trust chain. Administrators can set the Certificate verification mode group policy to enforce strict certificate checking; if any certificate error occurs, the user cannot connect to View Connection Server. Alternatively, administrators […]

In vSphere 5, for the first time, ESXi has now an integrated firewall. In this way another feature gap between ESXi and ESX has been filled. But this firewall is quite new and different compared to the one from ESX, although the management (at the GUI mode) remain similar of the old one. For more info see: http://vinfrastructure.it/vdesign/esxi-5-firewall/

© 2017 © 2013 vInfrastructure Blog | Hosted by Assyrus