VMware will be removing the vSphere Management Assistant (vMA) from future versions of vSphere. I, for one, use vMA quite a bit. However, all hope is not lost. It is pretty easy to build your own version of a vMA. It is even easier now, as I have created an installer.
I previously created a VMware vRealize Log Insight security operations center (SOC), which has been updated to support vSphere 6.5 U1. This release, with the SecureESX teaser, has been released on GitHub already. SecureESX has a bit of history behind it and has always been about auditing ESX and vSphere for security issues. Continue reading DISA STIG Auditing for the VMware vRealize Log Insight SOC
Upgrading the virtual network to use NSX is not a heavy or large task. It can be, depending on what you are doing, but the basics are fairly straightforward. These basics are not the wholesale replacement of your existing virtual network. They are not the inclusion of new forms or routing in your virtual environment. The are the addition of NSX on top of what you already have. Once you have NSX in place, then you can dream, plan, and adopt those better ways of managing and creating virtual networks. Continue reading vSphere Upgrade Saga: NSX in 8 Easy Steps
I have been creating a security operations center (SOC) specific to VMware vSphere using VMware vRealize Log Insight (vRLI). This SOC project shows the power of vRLI and the wealth of data available within vSphere 6.5. The original goal was to just gain visibility into my own environment. However, after showing the simple views to a few folks, it has grown from there and continues to grow.
In previous Foray into Jenkins, Puppet, Docker, and Photon posts, I was able to clone a Photon OS VM (part 1), deploy a Docker container into the Photon OS VM (part 2), and do automated load testing (part 3). Now it is time to look at improving the security of my Git repository. Given the number of scripts out there to look through GitHub for API keys, usernames, and passwords in order to rack up serious bills on Amazon and other cloud services, it behooves us to be extra vigilant.
In previous Foray into Jenkins, Puppet, Docker, and Photon posts, I was able to clone a Photon OS VM (part 1) and deploy a Docker container into the Photon OS VM (part 2). Now, it is time to do some automated load testing in order to load and security test the deployed application. Load testing is required to determine the upper limit of the load this one container can handle. Once I know that, I can properly scale out the environment. But I also need to ensure that known security holes do not exist. Continue reading Foray into Jenkins, Docker, and Photon: Part 3