VMware’s Perfect 10 Vulnerability: Three “Simple” Steps to Admin

Cbronline | April 16, 2020

VMware’s Perfect 10 Vulnerability: Three “Simple” Steps to Admin
On April 9, as many were getting ready in the UK for a long Easter Bank Holiday weekend, VMware quietly pushed out a security advisory for a major vulnerability in vCenter — the centralised management utility for the server and desktop virtualisation giant’s customers. The fix was for a critical flaw that, if exploited, would give an attacker access to the crown jewels of corporate infrastructure: the bug sits at the heart of vmdir (VMware directory service), which is central to a product that manages thousands of virtual machines and virtualised hosts.

Spotlight

Blockchain ou Bitcoin ? « Proof of concept » ou « Mise en production » ? Buzz ou Réalité ? Découvrez en vidéo le projet Concord de blockchain open source développé par VMware, avec Eric Marin, Directeur Technique chez VMware France.

Related News

VMWARE

IGEL Releases Support for VMware Workspace ONE Intelligent Hub for Linux

IGEL | December 09, 2021

IGEL, provider of the next-gen edge OS for cloud workspaces, announced support for VMware Workspace ONE Intelligent Hub for Linux, which facilitates communication between IGEL OS-powered devices and the Workspace ONE Unified Endpoint Management (UEM) console. As a result, mutual VMware and IGEL customers can now simplify device management from a single view for greater visibility and compliance of devices across the enterprise. With the development of Workspace ONE Intelligent Hub for Linux, VMware has affirmed its view of the importance of Linux devices at the endpoint. IGEL is pleased to deliver rapid support for the Workspace ONE Intelligent Hub for Linux to empower its customers with unified visibility to improve their endpoint asset management, productivity and insights. This is another landmark step in our strategic journey to deliver greater integration for VMware Horizon users as they leverage the anywhere workspace for a productive and engaging user experience." Bill McCarthy, Vice President, Business Development, IGEL Thousands of IGEL customers already use IGEL OS to securely access VMware Horizon desktops and workloads every day. The expansion of the partnership extends the value of Workspace ONE to include IGEL OS endpoints, regardless of where they are located. "IGEL is a valuable VMware partner and we are pleased to see the delivery of their support for Workspace ONE Intelligent Hub for Linux," said Jason Roszak, Vice President of Product Management, End-User Computing, VMware. "Linux devices are a strategic component in the fabric of today's enterprise environments and we are excited to empower customers that have embraced IGEL OS with a simple and more secure solution to manage their apps and devices in a single view. Using Workspace ONE Intelligence and data aggregation, our mutual customers can better manage enterprise complexity and security without compromising on user experience." "We believe there is a tremendous value that can be derived from the partnerships and alliances formed between our key vendor partners, and IGEL's collaboration with VMware and support for VMware Workspace ONE Intelligent Hub for Linux is a great example of this," said Mike Strohl, CEO, Entisys360. "Through this alliance, Entisys360 is able to grow our IGEL business further by providing our mutual customers with the ability to simply and securely manage their Workspace ONE desktops and workloads powered by IGEL OS. This unified visibility of both apps and devices improves the end user experience and overall organizational productivity, two significant challenges our customers are solving for in their IT infrastructure environments." Support for the VMware Workspace ONE Intelligent Hub for Linux will be available as a custom partition which can be deployed to IGEL OS devices allowing them to be enrolled into Workspace ONE. This enables IGEL OS and Workspace ONE to offer management capabilities that include asset management and insights for IT productivity and compliance processes. The two companies are also collaborating on cloud connector technology for IGEL Universal Management Suite (UMS) and VMware Workspace ONE UEM which will deliver increased management insights and policy-based control for VMware Horizon and IGEL users. This new IGEL development with VMware is the latest in a long-standing technology partnership between the two companies. Earlier this year, IGEL announced that its product would support VMware Horizon 2106 Microsoft Teams optimization for Linux to support high-fidelity connectivity and collaboration using IGEL OS-powered endpoints. A year ago, IGEL announced its validation of IGEL OS with VMware Horizon 8 and that it has renewed its Advanced tier membership in VMware's Technology Alliance Partner (TAP) program. VMware is also a strategic member of the IGEL Ready technology partner program which validates and verifies interoperability of solutions. About IGEL IGEL is one of the world's leading providers of next-gen edge OS for cloud workspaces. The company's innovative software products include IGEL OS, IGEL Universal Management Suite (UMS), and IGEL Cloud Gateway (ICG). These solutions comprise a more secure, manageable and cost-effective endpoint management and control platform across nearly any x86 device and some ARM/RPI4 devices. Easily acquired via just two feature-rich software offerings, — Workspace Edition and Enterprise Management Pack — IGEL software presents outstanding value per investment. IGEL enables enterprises to save vast amounts of money by extending the useful life of their existing endpoint devices while precisely controlling all devices running IGEL OS from a single dashboard interface. IGEL has offices in Europe and the United States and is represented by partners in over 50 countries.

Read More

SERVER VIRTUALIZATION

VMware Enhances vSphere with Nvidia AI Software Support

VMware | March 25, 2021

With the arrival of vSphere 7 Update 2 in early March 2021, VMware took a significant step into the world of artificial intelligence and machine learning, and now support for Nvidia AI software has arrived on its flagship platform. This wasn't entirely surprising. Nvidia and VMware announced a collaboration during September's online VMworld event, intending to have Nvidia's AI Enterprise software accessible on VMware's platform for deploying and managing virtual machines. With this latest release, vSphere is "exclusively certified" to run Nvidia's AI Enterprise applications and frameworks, which have now been containerized and can be run through an organization's infrastructure rather than in a silo. This, of course, means more support for Nvidia GPUs, which are needed to run the software. "It opens up for both of us a good opportunity," Lee Caswell, vice president of marketing at VMware, told ITPro Today. "We're looking to go and help AI become mainstream in the enterprise. They're looking to open that up for all of our 300,000 vSphere customers, who can now have access to these new capabilities." Access to this market is vital for Nvidia because it will improve revenues in their data center division, which generated $6.7 billion in the previous fiscal year. Obtaining a position in the emerging enterprise AI market is also essential for VMware, which has spent the last few years expanding its offerings beyond the virtualization technology it pioneered, mostly by acquisitions; in 2018, VMware added cloud-native technology to its portfolio with the purchase of the Kubernetes startup Heptio, and about a year later bought back Pivotal a cloud-native platform. Access to this market is vital for Nvidia because it will improve revenues in their data center division, which generated $6.7 billion in the previous fiscal year. Obtaining a position in the emerging enterprise AI market is also essential for VMware, which has spent the last few years expanding its offerings beyond the virtualization technology it pioneered, mostly by acquisitions; in 2018, VMware added cloud-native technology to its portfolio with the purchase of the Kubernetes startup Heptio, and about a year later bought back Pivotal a cloud-native platform. Nvidia and Vsphere Caswell explained that traditionally, AI software has been run on bare metal to prevent possible performance loss associated with moving compute-heavy workloads to VMs or containers. The issue with this approach is that bare metal deployments are not portable. As a result, AI workloads are limited to silos, which is a problem for enterprises who want to use AI on-the-fly throughout their IT infrastructure. VMware and Nvidia were able to containerize Nvidia's AI Enterprise software with almost the same benchmarked performance levels as operating on bare metal by using properties inherent in vSphere's hypervisor. This makes Nvidia AI software easily available across an organization's infrastructure, resolving the issue of ensuring portability while sacrificing substantial efficiency. To function properly, AI software must be able to take advantage of GPUs, which take most of the load off of a server's CPUs by doing much of the heavy lifting. VMware has added support for Nvidia's A100 Tensor Core GPUs, which are used in Nvidia-Certified Systems, Nvidia-tested and licensed server designs sold exclusively by eight equipment manufacturers, including ASUS, Dell EMC, HPE, and Supermicro. In addition to running AI workloads, GPUs can be used for other vSphere features, such as Multi-Instance GPU, which enables GPU cycles to be shared by many users, and Distributed Resource Scheduler for automated workload placement to prevent performance bottlenecks. "Up to seven VMs can now share a single GPU," Caswell said. "That's a more cost-effective way to deploy at the enterprise

Read More

A10 Networks, Dell Technologies Release a Set of Solutions for Single-service or Multi-tenant Virtual Platforms

A10 Networks | June 11, 2020

A10 Thunder® Application Delivery Controller and A10 Thunder Multi-tenant Virtual Platform are turnkey software and hardware solutions that provide flexibility and rapid deployment for multi-cloud infrastructures. The solutions offer single-service or multi-tenant virtual platforms to optimize IT organizations’ CAPEX and OPEX. The A10 Thunder® Application Delivery Controller on Dell Technologies and A10 Thunder Multi-tenant Virtual Platform on Dell Technologies is expected to be available in Q3 2020 initially for the Americas market. A10 Networks today announced a set of solutions that deliver application security and availability for customers who are increasingly facing the operational and security complexities of hybrid-cloud infrastructures. Working with Dell Technologies OEM | Embedded & Edge Solutions, the new set of solutions combine A10’s hybrid-cloud-ready software with purpose-built Dell Technologies hardware for encrypted application delivery, advanced load balancing, and SSL visibility. This provides customers with a single-source vendor to ease lifecycle management. The solutions offer single-service or multi-tenant virtual platforms to optimize IT organizations’ CAPEX and OPEX. Hybrid-cloud Reliance Drives Requirements Digital transformation initiatives are driving rapid adoption of hybrid and multi-cloud environments to serve customers and facilitate workforce transformation, particularly with the recent spikes in work-from-home requirements. At the same time, companies are facing the expanding challenges of realigning and automating security and IT operations to encompass this complex hybrid-cloud world. Operational efficiency, management, visibility and security remain top concerns for organizations. According to a recent survey by the BPI Network, while 84 percent expect to increase their reliance on public or private clouds over the next 24 months, improving hybrid and multi-cloud security is seen as their most critical challenge, followed by a lack of hybrid/multi-cloud talent and expertise, the need for centralized visibility, and the capacity to more effectively manage application and infrastructure complexity.1 In addition, Google has reported2 that 97 percent of Chrome page loads are encrypted, highlighting the need to encrypt server traffic to customers, while also decrypting internal user traffic for security devices to block user attacks. Read More: Securden Eliminates Unveils VPN Hassles with Significant Enhancements to Its Remote Access Solution Enterprises are seeking to boost the proficiency of their IT operations across hybrid and multi-cloud environments while deriving full value from existing investments in technology infrastructure and personnel. This effort necessarily extends to application-delivery infrastructure. The relationship between A10 Networks and Dell Technologies, which combines A10’s robust and scalable load-balancing and security software with Dell Technologies’ widely deployed hardware platforms, helps enterprises achieve greater operational efficiencies through the utilization of familiar technologies that don’t involve a compromise in application availability or security, Brad Casemore, vice president of research for datacenter networks, IDC. Flexible Application Security and Availability A10 Thunder® Application Delivery Controller (ADC), and A10 Thunder Multi-tenant Virtual Platform (MVP) are turnkey software and hardware solutions that provide flexibility and rapid deployment for multi-cloud infrastructures. The new A10 Thunder ADC, designed on Dell EMC PowerEdge R640XL and R740XL servers, as well as Dell EMC Virtual Edge Platform 4600, is a single-service platform that enables: • Application availability to maintain uptime for web applications and data center and cloud infrastructure • Application acceleration to deliver a better user experience, maintain SLAs and optimize server utilization • Application security to enhance the existing security infrastructure and protect against the latest threats, while providing SSL/TLS offload for encrypted server traffic The A10 Thunder MVP, designed on Dell EMC PowerEdge R640XL and R740XL servers, enables multiple services, including Thunder ADC and Thunder SSL Insight (SSLi). The Thunder MVP: • Improves operational agility and flexibility by running multiple independent instances on a single optimized and accelerated hardware platform. Each can run a different version and can be restarted separately • Delivers Thunder ADC instances, providing increased uptime, faster user experience and attack prevention for highly available, accelerated and secure applications • Integrates Thunder SSLi instances, providing security devices with decrypted SSL/TLS traffic visibility to stop data leaks and end-user attacks, for a foundation for Zero-Trust. A10 URL filtering and threat intelligence options can be added for enhanced user security All the solutions can be augmented by the A10 Harmony® Controller to ease SecOps and DevOps deployments, simplify application lifecycle management, integrate into CI/CD workflows and enable fast troubleshooting with advanced drill-down analytics and central management, providing IT operations a consistent on-premises and multi-cloud operational experience. As a leader in the enterprise market, it was a natural decision for A10 to work with Dell Technologies OEM | Embedded & Edge Solutions to bring our application delivery and security solutions to our customers. Our turnkey solutions will help customers tackle the current and emerging business challenges of providing secure and available applications and ensuring networks are protected against attacks in this multi-cloud world, Dhrupad Trivedi, president and CEO of A10 Networks. “Working with A10, we’ve designed a solution to bring together A10’s leading application delivery and SSL visibility with our Dell Technologies solutions to deliver the performance customers expect and need,” said Ron Pugh, vice president and general manager, OEM, Embedded & Edge Solutions, Dell Technologies. “A10’s new ADC and MVP solutions will enable rapid deployments and ease customers’ acquisition process.” Read More: OVHcloud US Launches New Line of Virtual Private Servers to Meet Cloud-based Application Requirements About A10 Networks A10 Networks provides secure application services for on-premises, multi-cloud and edge-cloud environments at hyperscale. Our mission is to enable service providers and enterprises to deliver business-critical applications that are secure, available and efficient for multi-cloud transformation and 5G readiness. We deliver better business outcomes that support investment protection, new business models and help future-proof infrastructures, empowering our customers to provide the most secure and available digital experience. Founded in 2004, A10 Networks is based in San Jose, Calif. and serves customers globally.

Read More

Spotlight

Blockchain ou Bitcoin ? « Proof of concept » ou « Mise en production » ? Buzz ou Réalité ? Découvrez en vidéo le projet Concord de blockchain open source développé par VMware, avec Eric Marin, Directeur Technique chez VMware France.