Tag: security-hardening

Posted on

Runecast Analyzer: new release 1.8

Runecast extends functionality to NSX-V

A new release of Runecast Analyzer is scheduled for June, 26th. Version number 1.8 will come with a bunch of improvements and new features. Most important new feature will be support for the NSX-V platform.  Every important function of vSphere- and vSAN analysis will now be available for NSX-V too.

Feature List

  • The Analyzer now detects NSX issues on VMware NSX-V versions 6.2 – 6.4.x
  • Automated scan and evaluation of the NSX-V Best Practices violations.
  • Automatic NSX-V VMware Security Hardening profile analysis and reporting
  • NSX-V DISA-STIG profile analysis and reporting
  • Automatic discovery of the NSX Managers linked to VMware vCenters
  • Web-console performance improvements for bigger environments (dozens of ESXi hosts).
  • vSphere web console Runecast plugin NSX update with a new issue summary widget.

Links

 

Posted on

Why patching your vSphere infrastructure is just not enough

In recent discussions on why should one use a compliance and security scanner for vSphere I more than once heard a straight opinion: Why should we pay another tool. We have VUM already and just keep our vSphere cluster(s) up to date.

This opinion neglects several crucial facts about vSphere as well as any other software: Not every bug is patched once found right away. Sometimes known vulnerabilities linger for months until they are patched. In addition, some of the problems just cannot be solved by the software provider, VMware in this case.

Let me use two examples to point that out. Continue reading “Why patching your vSphere infrastructure is just not enough”