Security
DISA Releases STIGs for VMware vSphere 6.5
Reading time: 7 minutes
Update: On Oct 25, 2019, DISA released the first update to the VMware vSphere 6.5 STIGs
As of today, the Defense Information Systems Agency has made available the first STIGs for VMware vSphere 6.5. These STIGs can be downloaded from DoD Cyber Exchange here: DISA Virtualization STIG Downloads. The VMware vSphere 6.5 STIG ZIP file contains the following:
VMware vSphere 6.5 Version 1 Release 1 - Overview PDF VMware vSphere 6.
Configure Splunk to Use a vCenter/PSC as a SAML IdP
Reading time: 6 minutes
Why Use a VMware vSphere Platform Service Controller? As mentioned in a previous post, Splunk Enterprise is a fantastic application for handling the massive amount of log data generated by VMware virtualization environments. Since every VMware vCenter deployment includes at least a single Platform Service Controller (PSC), you can easily configure your Splunk Enterprise deployment to use the same authentication services making it easier to access your log data.
Items to Keep in Mind Splunk Enterprise requires that the following information be passed back as part of the SAML assertion from the IdP: Role Splunk Enterprise will use the following information if it is passed back as part of the SAML assertion from the IdP: Email, Real Name As of Splunk Enterprise version 7.
Configure Splunk to Use VMware Identity Manager as a SAML IdP
Reading time: 9 minutes
Splunk Enterprise is an awesome platform for analyzing massive amounts of data at scale. Because of this, it’s a popular system for aggregating log data from VMware virtualization environments. Its flexibility and ability to search through significant quantities of log data at great speeds is why I’ve been utilizing it for years. Today I’m going to go over the process to integrate VMware Identity Manager (vIDM) as a SAML 2.0 identity provider (IdP) for Splunk Enterprise authentication.
Automated Alert Remediation in vRealize Operations 7.x using vRealize Orchestrator
Reading time: 7 minutes
Have you ever wished that you could automatically execute a custom workflow in response to an alert generated in vRealize Operations? In previous releases of vRealize Operations, there wasn’t an easy way of accomplishing this. While there were many actions that could be executed using the built-in VMware vSphere solution, there wasn’t an easy built-in method to execute custom actions. With the introduction of the VMware vRealize Operations Management Pack for vRealize Orchestrator, VMware has finally made this possible.