With VMworld 2016 US event just around the corner, we thought it would be a good time to look at some of the new features introduced in the ManageIQ community related to our support for VMware.
ManageIQ is the open source project behind Red Hat CloudForms. The latest product features are implemented in the upstream community first, before eventually making it downstream into Red Hat CloudForms. This process is similar for all Red Hat products. For example, Fedora is the upstream project for Red Hat Enterprise Linux and follows the same upstream-first development model.
In this article, we look at the recent development of a vCloud provider in ManageIQ. VMware vCloud becomes the latest addition to the list of supported public cloud providers, joining Amazon Web Services, Microsoft Azure, Google Cloud Platform and OpenStack.
Continue reading “First look at VMware vCloud provider in ManageIQ / CloudForms”
The recent discovery of a protocol flaw on Samba server (see CVE-2016-2118) raises once again the question of managing security and compliance of systems. How can we identify easily which systems are affected? And, how can we validate that these environments are correctly patched?
Continue reading “Are your systems affected by BADLOCK Security flaw?”
As you have probably noticed by now, the attack on OpenSSL known as DROWN – Decrypting RSA using Obsolete and Weakened eNcryption has recently been discovered. Red Hat Product Security have provided patches for OpenSSL and recommend to apply them to affected systems.
In this post, we will discuss how Red Hat CloudForms and ManageIQ can assist in identifying environments at risk of the DROWN OpenSSL cross-protocol vulnerability. In addition, CloudForms can audit your environments and validate that the patches have been applied.
How can Red Hat CloudForms help?
CloudForms provides a policy based compliance check which can be used to verify software and configuration of servers and validate security requirements. These policies are created as a combination of an event, a condition and an action, and use a scope (usually set to infrastructure or guests) to determine if the policy needs to run. Additional information on using policies can be found in the product documentation: Defining policies and profiles.
Continue reading “Managing Patching Compliance Using DROWN OpenSSL Vulnerability as an Example”
UPDATED : Video version of this blog…..found here… http://youtu.be/RDcIIyYK044
So this Shell-Shock stuff is hitting the press quite a bit!
Fncy finding out really quickly if your Red Hat Enterprise Linux 6.5 systems are patched correctly? Even if they are turned off right now? Wow that is clever not even the virtual infrastructure players can do that…I know…its cool. Here it is..
Continue reading “Shell-Shock – Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169)”
So for the past few years Savon v1.1.0 has been the default GEM in the appliance. Heres a scoop! In future releases, and the upstream builds have Savon v2.
What does this mean? Well v2 has a slightly different syntax to its connections and function call. Here is a v2 SOAP example:
Continue reading “SOAP – SAVON v2 Syntax”