Archive | Security RSS feed for this section

VMware Horizon View External Security Server and POODLE Vulnerability

Using VMware Horizon View and an External Security Server?  You may be vulnerable to “Poodle” (CVE-2014-3566)! VMware has released several KB’s on the issue. VMware Products and CVE-2014-3566 (POODLE) (2092133) Disabling SSLv3 connections over HTTPS to View Security Server and View Connection Server (2094442)   In regards to Horizon, 5.3.3’s release notes clearly state that […]

Read full story Comments { 0 }

Trend Deep Security 9 – DO NOT UPGRADE

If you’re running ESX 5/5.1, do NOT upgrade/install Trend Deep Security 9.  There’s a good chance you will find this bug… we sure did! I found this after 3 of my ESXi hosts intermittently PSOD (failed, died, kicked the can). It’s always fun for your environment to be the reason that a tech-vendor has […]

Read full story Comments { 1 }

Trend Micro Deep Security 9: Exclude Network Shares from Anti-malware scans

I found a little problem with the default real-time scan settings in Trend Micro Deep Security 9 that we deployed last week… there are no exclusions set!  It first found “malicious” files in my DataDomain backup share on my Veeam server.  The folder is a UNC Share path “\\wf.local\sysvol\Datadomain\Veeam\Backups”. It is simple to create a […]

Read full story Comments { 0 }

Trend Micro Deep Security 9: What is it?

Trend Micro Deep Security 9 is an acquired product from “Third Brigade” that is an integrated solution into the Hypervisor in the VMware ESXi environment.  It is used with Agents or can be Agent-less. With an Agent-less install, you’ve got:  Intrusion Prevention, Firewall, Anti-Malware, Web Reputation, Integrity Monitoring, and Log Inspection. It can go into your […]

Read full story Comments { 0 }

Integrating RSA SecurID with VMware View iPad Client

I’ve been struggling for a few months to find the answers to all of life’s questions… err.. I mean how to integrate an RSA SecurID soft-token with the VMware View iPad Client. Why? PCI Compliance requires multi-factor authentication for remote access to your cardholder data environment.  It’s also a good security practice if you use […]

Read full story Comments { 0 }