Tag Archive: Security

Dec 15

PowerCLI for VM Encryption

Hi everyone,

I’m happy (ok, beyond happy!) to announce that our VM Encryption engineering team has released a PowerCLI module for VM Encryption! In case you weren’t aware, there’s a Github repository of VMware PowerShell modules. Check them out!

Included in there is the new PowerCLI Module for VM Encryption. It’s chock full of lots of great cmdlets and new VI Properties that make your day to day management of vSphere 6.5 VM Encryption easier to automate. The goal here is to help you operationalize security as easily as possible. If you can’t make security easy to incorporate into your day to day operations then people will find a way to not do it.

Encrypting a VM shouldn’t mean having to manage an encryption solution IN the VM. It should be as simple as “Get-VM” and piping that to “Enable-VMEncryption”, right? Well, with VM Encryption it IS! Let’s take a look.

Read the rest of this entry »

Apr 19

Supported vSphere vCenter and ESXi Ciphers

Hi everyone,

One question that comes up regularly is “What ciphers are supported on vCenter and ESXi?”. I’m happy to share that we have published a VMware Knowledge Base article outlining the supported ciphers!

With all of the challenges around SSL/TLS the past year or two, having a solid idea of what ciphers are being used is becoming critical information that is necessary for IT and security teams to do their jobs.

Rather than list the ciphers here, I’ll just point you at the KB as it will be the central repository for this information and will be updated as necessary.

Read the rest of this entry »

Apr 07

Authorized Keys and ESXi 6.0 Update 2 – Changes to OpenSSH

sshWilliam Lam brought up some feedback on Socialcast the other day. The story was of a customer who updated to ESXi 6.0 Update 2 and the SSH keys he was using no longer worked. The customer was advocating for changing the file /etc/sshd_config so that he could continue to use the keys on his ESXi server. IMHO, that’s the wrong course of action.

Read the rest of this entry »

Older posts «