vBlog.nl


VMware Security and Ransomware Protection

Posted on November 22, 2021

Today I will talk about VMware Security and Ransomware Protection and give some hints and tips you can use in your daily operations to protect your environments.

During the COVID-19 pandemic we have seen a huge increase in cyber threats. Ransomware is no longer only about earning money by selling decryption keys; more and more it is about stealing data and holding that for ransom.

VMware has different ideas and solutions around security and protection. The main gateway to this information is the Ransomware Resource Center. Here you can find a lot of useful information on protecting your environment.

[Image: VMware Security and Ransomware Protection. Source: VMware]

Below I have listed some of the most important things to keep in mind when it comes to securing your environment.

Table of Contents

  • Keeping your environment up to date
  • Making sure backup and DR solutions are in place
    • Backup
  • Disaster recovery
  • Separate management authentication
  • Ransomware

Keeping your environment up to date

This is the most obvious one. However, you will be surprised how often updates are lagging behind. I cannot stress enough the importance of keeping your environment up to date. We have seen several incidents where the lack of patching caused huge impact, both technically and financially.

Make sure you have proper procedures in place for security vulnerabilities considered “Important” or “Critical.” Do not wait for the next maintenance window but patch as soon as possible. Also make sure you subscribe to the security advisories from VMware to receive the latest information by email.

The vSphere portfolio has lots of possibilities to help you automate your patch management. vSphere also has a lot of resilience built in to minimize impact and downtime. Think of features such as vMotion, DRS or vCenter HA.

In this document you can find some useful tips on keeping your vSphere environment up to date.

Making sure backup and DR solutions are in place

Backup

The second most important thing is, in my opinion, to have proper backups in place.
And by proper I mean not only making backups but also making sure you can use your backups to restore environments. Do regular tests, maybe every 3 or 6 months, to make sure your backups are valid. This also gives your administrators the option to test their skills and keep them up to date, because in an emergency situation this will be very helpful.

Another thing to keep in mind in regards to backups is the 3-2-1 rule. The 3-2-1 rule is basically this:

  • There should be 3 copies of data
  • On 2 different media
  • With 1 copy being off site

Sounds easy enough, but as you read this ask yourself: do I have this kind of backup setup in place?
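One way to answer that question per workload, as an added PowerShell example that is not part of the original post and not tied to any backup product: it checks each workload against the three legs of the 3-2-1 rule and against the restore-test interval mentioned above. The inventory rows and field names are constructed, the production copy is assumed to count as one of the three copies, and the 180-day limit is an assumption taken from the "every 3 or 6 months" advice.

```powershell
# Constructed sample inventory: one row per copy of a workload's data,
# the production copy included. Field names are illustrative.
$inventory = @(
    [pscustomobject]@{ Workload='vcenter01';  Media='vsan'; Offsite=$false; LastRestoreTest=$null }
    [pscustomobject]@{ Workload='vcenter01';  Media='nas';  Offsite=$false; LastRestoreTest=[datetime]'2021-09-15' }
    [pscustomobject]@{ Workload='vcenter01';  Media='tape'; Offsite=$true;  LastRestoreTest=$null }
    [pscustomobject]@{ Workload='fileserver'; Media='vsan'; Offsite=$false; LastRestoreTest=$null }
    [pscustomobject]@{ Workload='fileserver'; Media='vsan'; Offsite=$false; LastRestoreTest=[datetime]'2020-12-01' }
)

function Test-Backup321 {
    param(
        [Parameter(Mandatory)] [object[]] $Copy,
        [datetime] $AsOf = (Get-Date),
        [int] $MaxRestoreTestAgeDays = 180   # assumption: upper end of "3 or 6 months"
    )
    foreach ($group in ($Copy | Group-Object Workload)) {
        $rows     = @($group.Group)
        $media    = @($rows.Media | Sort-Object -Unique)
        $offsite  = @($rows | Where-Object Offsite)
        # Most recent successful restore test across all copies, if any.
        $lastTest = $rows.LastRestoreTest | Where-Object { $_ } |
                    Sort-Object | Select-Object -Last 1

        $gaps = @()
        if ($rows.Count -lt 3)    { $gaps += "only $($rows.Count) copies" }
        if ($media.Count -lt 2)   { $gaps += 'single media type' }
        if ($offsite.Count -lt 1) { $gaps += 'no off-site copy' }
        if (-not $lastTest) {
            $gaps += 'never restore-tested'
        } elseif (($AsOf - $lastTest).TotalDays -gt $MaxRestoreTestAgeDays) {
            $gaps += "restore test older than $MaxRestoreTestAgeDays days"
        }

        [pscustomobject]@{
            Workload        = $group.Name
            Copies          = $rows.Count
            Media           = $media -join ','
            OffsiteCopies   = $offsite.Count
            LastRestoreTest = $lastTest
            Compliant       = ($gaps.Count -eq 0)
            Gaps            = $gaps -join '; '
        }
    }
}

Test-Backup321 -Copy $inventory -AsOf ([datetime]'2021-11-22') | Format-Table -AutoSize
```

With the constructed rows, vcenter01 passes and fileserver is reported with all four gaps.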

I found this article from Veeam rather insightful in regards to the 3-2-1 rule. So if you want to see what 3-2-1 is all about, hop on over to the article. This is, by the way, not a recommendation or a promotion to start using Veeam as your backup product, but rather a nice read and explanation in a short blog post that caught my attention.

Disaster recovery

In terms of disaster recovery the above advice stands. Make sure you have a tested and proven strategy in place. But also make sure you are aware of the time it takes to recover and be up and running again (RPO/RTO). Also, do not confuse backup with DR. With a backup you have your data stored somewhere else, but in case of an emergency that is not related to, for instance, ransomware, like a fire, you do not have a location or equipment to restore to.

Obviously there are the hyperscalers and other cloud solutions you could quickly start using, but it takes time and effort to set that up, and if you have massive amounts of data, restoring will take forever.

VMware products that can help you with your DR setup are things like Site Recovery Manager (SRM) or VMware Cloud Director Availability.

Separate management authentication

With phishing attacks becoming more and more of a daily threat, it is important to make sure you have separation of management authentication in place.

Some things to keep in mind here are:

  • Have dedicated administrative accounts in place
    • Do not use accounts with the highest rights available (for instance, do not use the Enterprise domain administrator account when managing Active Directory)
  • Do not expose important infrastructure components directly to the internet
  • Grant access to specific resources like vCenter only to the people (vSphere administrators) who need it. Do not just hand out access because it could be handy or easy.
  • Separate network segments
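To review who actually holds powerful access in vCenter, the following PowerCLI example (added here, not from the original post or from VMware) lists every permission whose role is able to change permissions and marks principals that are not on an expected list. It assumes VMware PowerCLI is installed and a Connect-VIServer session is already open; the names in `$expectedAdmins` are hypothetical placeholders.

```powershell
# Requires VMware PowerCLI and an existing Connect-VIServer session.

# Hypothetical allow-list: the dedicated admin principals you expect to find.
$expectedAdmins = @(
    'VSPHERE.LOCAL\Administrator'
    'EXAMPLE\vsphere-admins'
)

# Any role that can modify permissions can grant itself more rights,
# so treat all of them as administrative, not just the built-in one.
$powerfulRoles = Get-VIRole |
    Where-Object { $_.PrivilegeList -contains 'Authorization.ModifyPermissions' } |
    Select-Object -ExpandProperty Name

$findings = Get-VIPermission |
    Where-Object { $_.Role -in $powerfulRoles } |
    ForEach-Object {
        [pscustomobject]@{
            Principal = $_.Principal
            IsGroup   = $_.IsGroup
            Role      = $_.Role
            Entity    = $_.Entity.Name
            Propagate = $_.Propagate
            # False means: nobody has signed off on this principal yet.
            Expected  = $_.Principal -in $expectedAdmins
        }
    }

# Unexpected principals first, so they are the first thing you read.
$findings | Sort-Object Expected, Principal | Format-Table -AutoSize

# Summary for a ticket or a recurring report.
$unexpected = @($findings | Where-Object { -not $_.Expected })
"{0} powerful permission(s), {1} not on the expected list" -f @($findings).Count, $unexpected.Count
```

Rows with Expected set to False are the ones to question: personal day-to-day accounts, forgotten service accounts, or access that was handed out because it was convenient.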

Ransomware

There are so many components involved in being properly prepared to fight off ransomware attacks that I will not go into all of them here, but rather point you to this great document from VMware, which is very detailed and comprehensive.

But there are some general ideas or tips to keep in mind as well:

  • Train your users and make sure they know how to deal with suspicious activities or password management, for instance:
    • Phishing
    • Social engineering
    • Sloppy password management (post-it notes…)
    • Do not share confidential information, making sure you check company policies around information security

And of course as I pointed out in the beginning of this blog there is the Ransomware Resource Center.

Some nice things to look out for in the RRC and other resources are:

  • Practical Ideas for Ransomware Resilience in VMware vSphere Environments
  • Security configuration guides
  • Patch management of vSphere environments
  • VMware security advisory
  • Carbon Black
  • VMware Security Solutions

I hope the information I shared is useful and that you have some new and fresh insights for your own environments.
