Security

Almost three years after VMware vSphere 7.0 was released (April 2, 2020), the Defense Information Systems Agency (DISA) made available the first STIGs for VMware vSphere 7.0 on March 15, 2023. The STIGs can be downloaded from the Public DoD Cyber Exchange STIGs Document Library by searching for “VMware vSphere 7.0 STIG”. I have not completed an in-depth comparison, but from what I’ve noticed, this STIG release aligns with the content previously provided by VMware in their VMware vSphere 7.

This blog post provides a quick walkthrough of configuring NetApp ONTAP System Manager to use VMware Identity Manager/Workspace ONE Access to provide SAML authentication for users. This blog post assumes that your VMware Identity Manager and NetApp ONTAP System Manager environments are online and functional. Create SAML Users in NetApp ONTAP System Manager The first step in this process is to ensure that you have user accounts defined within NetApp ONTAP System Manager to support your SAML users.

In my previous blog post Managing ESXi Local User Accounts from vCenter Server Using PowerCLI, I provided a quick walkthrough of how to manage ESXi local user accounts using VMware PowerCLI and VMware vCenter Server. This post will provide a similar walkthrough, but I will utilize VMware Aria Automation Orchestrator this time. Getting Started This walkthrough assumes that you already have a working VMware Aria Automation Orchestrator deployment and that you’ve already established a connection to your VMware vCenter Server instance from VMware Aria Automation Orchestrator.

There was once a time early in my career when I would SSH to each VMware ESXi host and manually update the root account’s password. As time went by and the environment I was responsible for grew larger, so did the workload for resetting root account passwords regularly. Eventually, I researched and learned that these VMware ESXi local user accounts could be modified using VMware PowerCLI, and password updates became a much easier task.

Update: DISA released the official VMware vSphere 7.0 STIG on March 15, 2023. Information related to my updated compliance content can be found here. While the United States (U.S.) Department of Defense (DoD) Defense Information Systems Agency (DISA) hasn’t officially released a STIG for VMware vSphere 7.0, VMware has released what they refer to as their “VMware vSphere 7.0 STIG Readiness Guide”. This guide, while not an official STIG, is based on years of experience assisting the DoD in generating the official DISA STIG releases for previous VMware vSphere product versions.