VMware’s engineers published another free tool on VMware Labs. The new fling (VMware Workspace ONE Provisioning Tool) helps you to test and validate applications. Let’s review VMware Workspace ONE Provisioning Tool.
OpenSCAP is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists. It also combines with other specifications such as CPE, CCE, and OVAL, to create a SCAP-expressed checklist that can be processed by SCAP-validated products.
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.
At the first part, we’ve reviewed GSM (Greenbone Security Manager – Formerly OpenVAS) as a security manager or assessment tool for discovering vulnerabilities on virtual environments, the second part was more functional and we talked more about GSM. You leaned that how can you create a target on Greenboone Security Manager and scan it to discover vulnerabilities.
As I said at the end of second part of the blog post, the third part is related to resolving security issues. Any software and specially operating systems have “Hardening Guide”. You must follow steps of hardening guide to reduce security vulnerabilities effect on production environments.
We have reviewed reasons of have Vulnerability Assessment or Vulnerability Manager in virtual environments and how these software help us to find vulnerabilities on any component of virtual infrastructure. We have reviewed OpenVAS or Greenbone Security Manager and talked about features and abilities.
Now, it’s time to use the GSM server that we had prepared on the previous part. In this part of blog post, we’ll configure a target (ESXi Server) on OpenVAS server, create a task for scan and find the result of scan.
I’ve installed ESXi 6U1 (3029758) on a virtual machine and there is no customized configuration, all configurations are default.
Over the years, XTables (IPTables, IP6Tables, ARPTables and EBTables) were using as user-space utility programs for packet filtering in Linux distributions such as Red Hat Enterprise Linux or Ubuntu. Now, Linux vendors are replacing XTables with next generation packet classification framework which called NFTables.
nftables replaces the popular {ip,ip6,arp,eb}tables. This software provides a new in-kernel packet classification framework that is based on a network-specific Virtual Machine (VM) and a new nft user-space command line tool. nftables reuses the existing Netfilter subsystems such as the existing hook infrastructure, the connection tracking system, NAT, user-space queuing and logging subsystem.
In virtual environments, any vulnerability has affect on virtual infrastructure and those who get the service including internal and external services. So at least, any organization should have process to identifying vulnerabilities. Identifying vulnerabilities needs tools in IT infrastructure to scan devices, operating systems and applications and find vulnerabilities (Especially security vulnerabilities).
These days, everyone knows what’s Cloud Computing and cloud based services are using for speedup deployment of organizations services. Operating System Level Virtualization or Containers helping system architectures and administrators to achieve the goals. There are many implementations for containers that today, those methods are compatible with different hardware architectures and operating system.
You may know that Unix has OS Level Virtualization from past years and this technology is very older than other virtualization such as Full Virtualization or Paravirtulization.
Full Virtualization (VMware ESXi, Hyper-V) and Paravirtualization (Xen, UML) provides different guest OS but there is no way to use different guest OS when you are using containers. Of curse, some solutions are under development.
HPE Management Component Pack or HPE MCP provides agent software for use on community-supported distributions. The MCP (unlike the SPP) does not provide drivers and firmware (firmware is provided via HPSUM, and drivers are provided by the distribution vendors). The Linux Service Pack for ProLiant provides updated drivers and agent software for use on RedHat Linux and SUSE Linux Enterprise Server.
vSphere Central brings together a variety of technical assets from VMware that helps users understand how vSphere works, how to implement various features, plan upgrades, and more. With content in a range of formats, including text, video, and rich media tools such as walk-through demos, the goal is to be a one-stop shop for original and curated technical content on vSphere.
VMDK (Virtual Machine Disk) has been designed to mimic the operation of physical disk. Virtual disks are stored as one or more VMDK files on the host computer or remote storage device, and appear to the guest operating system as standard disk drives.
VMware supports three provisioning types:
Thin Provisioned
Thick Provisioned
Eager-zeroed Thick Provisioned
vSAN is hyper-converged solution which provided by VMware to reduce implementation and maintenance costs of virtualization solutions. Currently, many companies and organizations using vSAN and SAN together to delivering storage space for services.
Persistent memory (PMEM) is a new technology that has the characteristics of memory but retains data through power cycles. PMEM bridges the gap between DRAM and flash storage.
HPE Serviceguard for Linux (SGLX), a high availability(HA) and disaster recovery (DR) clustering solution, increases uptime for your critical applications by protecting them from a multitude of infrastructure and application faults across physical or virtual environments over any distance. It reduces the impact of unplanned downtime with no compromise on data integrity and performance. Furthermore, it helps achieve near zero planned downtime for maintenance.
The Security Compliance Toolkit (SCT) is a set of tools that allows enterprise security administrators to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products.
