Today, VMware is introducing the new vRealize Cloud Universal subscription. With this new hybrid subscription offering, VMware is providing customers the flexibility to consume both on-premise and SaaS vRealize Suite products and services using a single subscription license. This offering allows customers the freedom to move workloads between on-premise and SaaS offerings interchangeably without the requirement to purchase new licenses. Additionally, this new offering provides access to Cloud Federated Analytics and Cloud Federated Catalog capabilities.

It seems like it wasn’t too long ago that I posted that Patch 3 had been released for vRealize Automation 7.6 (technically it was March 2, 2020). Since then, VMware has been quite busy resolving various issues within vRealize Automation 7.6 and have released 11 additional patches as well as 2 cumulative security updates. Patch 14 for vRealize Automation 7.6 was released by VMware on September 22, 2020, and only contains 1 fix related to “Email notifications fail to work properly over time requiring service restarts”.

On July 24, 2020, VMware released the second patch for vRealize Automation 8.1. Patch 2 including forty-eight fixes for Provisioning, the Service Broker, vRealize CodeStream, Identity, vRealize Orchestrator, and virtual appliance/clustering. The hotfix can be installed using vRealize Suite Lifecycle Manager 8.1. It is recommended to install vRealize Suite Lifecycle Manager 8.1 Patch 1 before installing vRealize Automation 8.1 Patch 2 (8.1.0.9583). For complete details on the items that have been resolved with this hotfix, review the VMware KB article Cumulative Update for vRealize Automation 8.

I just wanted to provide a quick post to bring attention to the latest VMware Security advisory VMSA-2020-0009. The products affected include: vRealize Operations 7.5.0 vRealize Operations 8.0.x vRealize Operations 8.1.0 If you utilize the vRealize Operations Application Remote Collector (ARC) appliance to monitor operating systems or applications via the Telegraf agents, you should immediately implement the workaround documented in VMware KB79031. While two vulnerabilities were announced, both relating to Salt, an open-source project by SaltStack, the authentication bypass vulnerability (CVE-2020-11651) received a CVSSv3 base score of 10.

VMware’s vRealize Operations is an excellent monitoring, analytics, and self-driving IT operations platform that supports numerous applications and infrastructure systems out of the box. Management packs are available from both VMware and third-parties to extend these out of the box capabilities to a wide variety of additional applications and infrastructure systems. Unfortunately, management packs aren’t available for every hardware device that you might need to monitor. In these situations, monitoring via SNMP might be your only choice.