Home > News & Events > VMware PEX 2011 – Day Four

VMware PEX 2011 – Day Four

February 11th, 2011 Leave a comment Go to comments

Today is the last day of VMware Partner Exchange 2011. I am now sitting at Orlando airport writing this post. It will be a long way heading back to Silicon Valley.

My presentation today is about security from API perspective. It’s mainly not about the security best practices or guidelines as captured in the vSphere security hardening guidelines, but about how to automate the checking and hardening process. I introduced the security model in vSphere and the techniques and samples on patching up vulnerabilities with vSphere API.

Time to learn how to "Google" and manage your VMware and clouds in a fast and secure


Although vSphere API is very powerful, it cannot do everything for you. In some cases, you still need to do things manually and make judgment by yourself. Also, you want to balance the security and convenience in your environment. You don’t want to overly secure your environment to the extent that it’s hard to get anything done.

During my presentation, I got to know quite few folks. One of them designed something very similar to the ghetto security checking script by William Lam (@lamw), but using PowerCLI. As he showed me on his iPad connecting back to his office, I found it very impressive. Not only can it check the compliance, but also take actions to correct them.

As an open source guy, I always encourage folks like him to share his great work with the community. Because that is done in a contract for his customer, he will go back checking with his customer first. When he gets OK, I will introduce more of his work. By then you will know who he is.

BTW, next partner exchange will be in Venetian Hotel, Las Vegas, Feb 13-16, 2011. Please mark your calendar for the event.

Categories: News & Events Tags: ,
  1. March 23rd, 2011 at 14:21 | #1


    I have continued to update our internal vSphere Security Configuration Hardening and Scan Tool that you got a demo of at PEX 2011. No word yet on releasing it yet as an Open Source package, but I am working out the details with my internal customer to either get it licensed or released for some form of the GPL/etc.


  2. March 23rd, 2011 at 14:26 | #2

    Hi Jacob,

    Thanks a lot for the update. Any estimate on what time-frame? Look forward to it!


  1. February 11th, 2011 at 16:20 | #1