VMware has released the latest update to the vRealize Suite, vRealize Automation 8.7, on March 22, 2022. With this release, VMware has provided several enhancements and new features, including a next-generation On-Prem ABX Engine, enhancements to vRealize Automation SaltStack Config, additional OS support for SaltStack Config SecOps Compliance, minor UI changes, and several changes related to deployments. What’s New Updates included in vRealize Automation 8.7.0: Next-generation On-Prem ABX Engine - New Function as a Service (FaaS) engine is much faster, fixes numerous issues with memory limits, and introduces memory-based throttling.

For several years, VMware has been adding new integration capabilities into new releases of VMware Tools. These capabilities often supported VMware products, including vRealize Operations, NSX, AppDefence, and Carbon Black. The latest product to be integrated into VMware Tools 12.0.0 is VMware vRealize SaltStack Config. VMware Tools 12.0.0 now includes the ability to automate the deployment of the Salt Minion software utilizing vSphere virtual machine guest variables. This new integration makes it easier than ever to deploy new Salt Minions to both new and existing virtual machines.

Those familiar with deploying VMware vRealize Suite know just how vital VMware Identity Manager (vIDM) is to support the entire deployment. For those who haven’t deployed VMware vRealize Suite, VMware Identity Manager is the centralized authentication platform integrated throughout the entire VMware vRealize Suite of products. It provides multiple directory options, including Active Directory Integrated Windows Authentication, Active Directory over LDAPS, traditional LDAP directories, and local directories. Authentication options include traditional username/password, x509 certificate/smart card, Kerberos, RSA Adaptive Authentication, RSA SecurID, and RADIUS.

While I will admit that I’m a little bit behind on this one, I’ve finally put together my vRealize Operations compliance content for the VMware vSphere 6.7 STIG that was released by DISA earlier this year. The VMware vSphere 6.7 STIG release was quite different from the previous releases and includes 12 separate STIGs. Not only are there compliance checks related to Virtual Machines, ESXi hosts, and the vCenter Server application, there are also STIGs for various services that make up the vCenter Server Appliance (VCSA).

VMware has been quite busy providing workarounds for all of their products that are affected by the recent Apache Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046. One of the affected products is vRealize Automation 8.0 through 8.6.1. While VMware has stated that these vulnerabilities will be addressed in the future vRealize Automation 8.6.2 and vRealize Orchestrator 8.6.2 releases, they have provided a temporary workaround as detailed in KB87120 for vRealize Automation and vRealize Orchestrator versions 8.