Here are some quick thoughts on the WannaCry ransomware threat that emerged this past Friday [L.A. Times, Bloomberg, etc], as I get ready for the work week.
- I wouldn’t want to be the person in the office of the CISO who wrote a security exception for Windows XP this week
- The Shadow Brokers disclosure of this vulnerability isn’t what enabled this attack, it’s the lack of disclosure from everyone who knew about it but didn’t tell Microsoft.
- It sure would be nice to have an easy way to see what computers are and aren’t patched against the vulnerabilities swiped from the NSA toolkit. Or to work for a software company that sold a solution that could give you that information (I don’t).
- PAN discussed how the attack spreads after getting past a perimeter. I’d encourage anyone with a micro-segmentation solution to make sure that they’re mitigating the methods of attack spread.
Angel Villar Garea, a VMware Systems Engineer, has a video out on how to block the spread using NSX.
How about physical machines? While platforms like NSX provide increased security via hardware VTEPs, I don’t think we yet have a mature way to push down security controls to the physical switch that the desktop is plugged into. Or the WiFi router. Again, in my view, the strength of a platform like NSX is it’s ability to integrate with next generation physical firewalls from other vendors to extend security policies to the physical world.
WannaCry is only the latest ransomware to come along. It’s probably only the first to leverage to tools from the Shadow Brokers leak of stolen US Government zero-day attacks. What are you doing in your organization to block the next one?
Photo by bbearnes
My past 18 months at VMware have been a whirlwind of training, customer relationships, and new product announcements. I’m starting to see a pattern of questions, especially about where new VMware products fit into the portfolio. This is the first of series of posts about the VMware portfolio in 2017, all my humble view of things, of course. First up, VMware Cloud Foundation (VCF). In the future, I’ll take a look at VMware Cloud on AWS and vRealize Automation. Please let me know if you have a burning desire for my perspective on something else. *grin*
Continue reading VMware Cloud Foundation Basics – Why You Need VCF In Your Data Center
In the wake of VMware’s vSphere 6 announcements, I’ve had multiple clients ask me about SDN Solutions for vCloud Suite. For quick background, SDN (Software Defined Networking) in vCloud Suite 5.x and earlier consisted of vCloud Networking and Security (vCNS). vCNS is a bundle of virtual networking appliances to provide …
… virtual firewall, virtual private network (VPN), load balancing, NAT, DHCP and VXLAN-extended networks.
So why am I bringing this up? Well, in vCloud Suite 6, vCNS is no longer included. Well, mostly. If you’re a VMware Service Provider partner (VMware IaaS Powered Services), vCNS is still part of the Premier and Premier Plus bundles. Continue reading SDN Solutions for vCloud Suite 6