Today is the last day of VMware Partner Exchange 2011. I am now sitting at Orlando airport writing this post. It will be a long way heading back to Silicon Valley.
My presentation today is about security from API perspective. It’s mainly not about the security best practices or guidelines as captured in the vSphere security hardening guidelines, but about how to automate the checking and hardening process. I introduced the security model in vSphere and the techniques and samples on patching up vulnerabilities with vSphere API.
Bothered by SLOW Web UI to manage vSphere? Want to manage ALL your VMware vCenters, AWS, Azure, Openstack, container behind a SINGLE pane of glass? Want to search, analyze, report, visualize VMs, hosts, networks, datastores, events as easily as Google the Web? Find out more about vSearch 3.0: the search engine for all your private and public clouds.
Although vSphere API is very powerful, it cannot do everything for you. In some cases, you still need to do things manually and make judgment by yourself. Also, you want to balance the security and convenience in your environment. You don’t want to overly secure your environment to the extent that it’s hard to get anything done.
During my presentation, I got to know quite few folks. One of them designed something very similar to the ghetto security checking script by William Lam (@lamw), but using PowerCLI. As he showed me on his iPad connecting back to his office, I found it very impressive. Not only can it check the compliance, but also take actions to correct them.
As an open source guy, I always encourage folks like him to share his great work with the community. Because that is done in a contract for his customer, he will go back checking with his customer first. When he gets OK, I will introduce more of his work. By then you will know who he is.
BTW, next partner exchange will be in Venetian Hotel, Las Vegas, Feb 13-16, 2011. Please mark your calendar for the event.