VMware Aria Operations (formerly vRealize Operations)
The VMware vSphere Security Configuration Guide has long been the standard baseline for hardening VMware vSphere environments utilized by engineers across the world. As such, with the release of VMware vSphere 8.0, VMware also released a new version of the security configuration guide. For those familiar with implementing United States (U.S.) Department of Defense (DoD) Defense Information Systems Agency (DISA) STIGs, the guidance provided within the VMware vSphere 8 Security Configuration Guide should seem quite familiar.
vRealize Operations has received its latest update on April 25, 2022. vRealize Operations 8.6.3 is a maintenance release which resolves several important security, performance, stability, and functionality issues identified in the product.
Those familiar with deploying VMware vRealize Suite know just how vital VMware Identity Manager (vIDM) is to support the entire deployment. For those who haven’t deployed VMware vRealize Suite, VMware Identity Manager is the centralized authentication platform integrated throughout the entire VMware vRealize Suite of products. It provides multiple directory options, including Active Directory Integrated Windows Authentication, Active Directory over LDAPS, traditional LDAP directories, and local directories. Authentication options include traditional username/password, x509 certificate/smart card, Kerberos, RSA Adaptive Authentication, RSA SecurID, and RADIUS.
While I will admit that I’m a little bit behind on this one, I’ve finally put together my vRealize Operations compliance content for the VMware vSphere 6.7 STIG that was released by DISA earlier this year. The VMware vSphere 6.7 STIG release was quite different from the previous releases and includes 12 separate STIGs. Not only are there compliance checks related to Virtual Machines, ESXi hosts, and the vCenter Server application, there are also STIGs for various services that make up the vCenter Server Appliance (VCSA).
Unless you’ve been living under a rock the past couple days, you’ve likely been seeing many articles regarding CVE-2021-44228 which describes a remote code execution vulnerability within Apache Log4j. Apache Log4j is a Java-based logging utility used by many applications across the world, and as such, this vulnerability is a huge issue due to how easy it is to exploit as well as the sheer number of vulnerable devices. Like most companies with Java based applications, many of VMware’s products utilize Log4j to provide application logging capabilities.