All your eggs in one basket, privileged user access, no segregation of duties, little or no monitoring and no preventive controls

The rest of the story can be found here…

As well as showing demonstrations of out latest offerings for every attendee that visits us we will be donating towards the American Society of Clinical Oncology Conquer Cancer Foundation.

For more information visit our vmworld webpage.

So hope to see some of you soon!

Compared to traditional monitoring tools for a physical network, tools for virtual systems may not provide the same level of insight or monitoring within intra-host communications or traffic flowing between VMs on a virtual network.

They then lead on to say:

Similarly, specialized tools for monitoring and logging virtual environments may be needed to capture the level of detail required from the multiple components, including hypervisors, management interfaces, virtual machines, host systems, and virtual appliances.

VMinformer can help organizations rapidly audit and monitor virtual environments that need to meet PCI-DSS compliance regulations. We ship with out of the box policy templates based on a number of industry standards including PCI-DSS. To find out how sign up for a no obligation 14-day trial here.

PCI Security Standards Virtualization Guidelines Reference -PCI-DSS Guidelines for virtualization

Sydney – 15 June 2011 - VMinformer, a pioneer in compliance, security and auditing for virtual environments, has announced a major expansion in its Australian partner channel with the addition of four new specialist security resellers based in NSW, Victoria and the ACT.

These latest additions to VMinformer’s network include IPSec, tru Information Security Management, Shearwater Solutions and CommsNet Group and were specifically appointed for their capacity to successfully embrace new technologies and deploy experienced skills which offer the level of security protection end user organisations have come to expect.

Based in Melbourne, IPSec is a specialist provider of information asset protection solutions and services to both the Australian private and public sectors.

“Today’s security infrastructure requires a comprehensive solution that provides security enforcement from the core to the edge of the network, both in the physical and virtual environments. We’re proud to partner with a technology virtualisation leader like VMinformer to provide our customers with a solution that significantly enhances network security and ensures optimum network uptime,” says David McDonald, Sales Director, IPSec.

Headquartered in Sydney, tru Information Security Management, a specialist provider of information security solutions, partners with leading security vendors to offer comprehensive solutions as well as network and security assessment services, architecture, design and deployment support.

“We are excited to announce our partnership with VMinformer. Virtualisation presents unique security challenges and our customers are increasingly aware that they need to review their security policies to address these issues. VMinformer uniquely delivers on those requirements and is an ideal addition to Tru ISM’s portfolio of virtualised and cloud security solutions,” says Simon Coffey, Managing Director, Tru Information Security Management.

Shearwater Solutions specialises in information security with offices in Sydney and Canberra. The company has a diverse client base across multiple industries including government finance, retail, manufacturing, telecommunications and service providers. Its services include designing, implementing and managing security solutions, vulnerability assessments, education, security reviews, vulnerability and penetration testing, audits, development of policies and procedures, and particularly work relating to AS/NZS ISO/IEC 27001 and PCI DSS certification.

Shearwater Solutions’ Principal Consultant, Mark Hofman, said, “As a security consultant and a PCI Council Qualified Security Assessor we provide compliance, auditing and security assessments. VMinformer provides us and our customers with an easy method to prove they are compliant with best practices. No other product provides that level of visibility into the virtualisation security posture of an organisation at the moment. The only way to do it currently is through a manual audit, which takes time and is prone to human error.”

Shearwater Solutions believes there is a growing need for VMinformer’s technology. The company’s general manager, Raymond Kantor, said, “Infrastructure managers are trying to virtualise anything and everything in the data centre. The problem is the hypervisor isn’t inherently secure and hardening guide standards are difficult to audit and control in such a fluid environment. There is a great opportunity for us as in our market (PCI-DSS security), virtualisation is now being specifically referred to in the latest payment card industry data security standard v2.0 and VMinformer is therefore very relevant to all companies with PCI compliance requirements.”

VMinformer has also appointed CommsNet Group based in the ACT which will assist in bolstering VMinformer’s growth in the Federal and ACT government market by deploying skills in assessment and project management deployment.

“We are thrilled to be extending our reseller network in Australia with security partners that offer depth and breadth of services. These partnerships are indicative of our commitment to continually serving the evolving needs of today’s businesses and we look forward to working with them to optimise the security framework for government and private sector virtualised environments”, said John Reeman, Founder and Chief Technology Officer.

VMinformer, a security, auditing and compliance solution for organisations using virtualisation technologies, provides visibility and assurance of an organisation’s security infrastructure and can be used both across an entire virtual infrastructure or in a more selective approach for clients, whilst maintaining the integrity of the virtual computing platform.

About VMinformer

VMinformer are pioneers in compliance, security and auditing for virtual environments.

Established in 2009 VMinformer have been helping organisations understand how security is an essential part of their virtualisation strategy. Providing both services and solutions VMinformer enables organisations to gain insight, visibility and control of their virtual world.

VMinformer is headquartered in Sydney with a regional office in the UK and sales representation in Europe, Japan and North America. VMinformer sells through partners who either have expertise in virtualisation or IT security.

VMinformer has been designed as an affordable technology for assessing the security posture and compliance of virtualised infrastructure. It has been
deployed in over 80 countries.

VMinformer was recently honoured as the winner of the SC Magazine (Australia) 2011 Innovation Award at the AusCERT 2011 conference on the Gold Coast.

For further information, please contact:

Patricia Gibson /David Bass
Bass Public Relations
patricia@basspr.com.au/
david@basspr.com.au
T: 02 9922 6820

The MOB as it is known is used mainly by developers or for debugging. It has direct access to the VMkernel so as well as allowing view access it allows changes to be made. It can be access over port 443 (HTTPS) and requires authentication using the ROOT account password. The MOB if left accessible is a dangerous interface in the hands of an attacker. Therefore it is recommended you disable it or restrict access to it through access control methods.

Remediation

1. Logon to the ESX/ESXi console using SSH or directly.
2. Change directories to /etc/vmware/hostd
3. Edit the following file proxy.xml but before doing so make a copy
4. Find the line "<pipeName>/var/run/vmware/proxy-mob</pipeName>"
5. Comment out or remove the entire section between "<e id=" and "</e>"
6. Then make sure that all "<e id=" are in sequence by renumbering them accordingly
7. Save the file

IMPORTANT: If you mess the file up then make sure you have a backup as you will effect the authentication process and access to the Host.

Sydney –18 May 2011- VMinformer, a pioneer in compliance, security and auditing for virtual environments, today announced it is the winner of the Innovation Award at the Secure Computing (Australia) 2011 Awards.

The award was announced at this week’s annual AusCERT conference on the Gold Coast and recognises a vendor who has put into practice a project, individual or team that has changed the traditional practice of IT security.

“Virtualisation’s spread through the enterprise brings savings but often with risks as traditional security practice is often overlooked or sidelined in the race to efficiency. VMInformer showed itself to be innovative in its approach to securing these virtualised instances and aiding organisational compliance. The judges were especially gratified to award this gong to an Australian-owned vendor, the first to win in any category since the awards started three years ago. The judging panel congratulates VMInformer and looks forward to seeing it come back next year as an SC Magazine awards entry,” said Nate Cochrane, SC Magazine (Australia), Editor-in-Chief.

The award was adjudicated by an expert panel of IT security consultants, directors and chief technology officers, These judges are hand-picked by SC Magazine’s editorial team for their breadth of knowledge and experience in the information security industry. They include; Nigel Phair, Security Consultant and Author; Drazen Drazic, Managing Director, Securus Global; Jason Edelstein, Chief Technology Officer, Sense of Security; Rick Harvey, Chief Technology Officer, Lockbox; Ajoy Ghosh, Chief Information Security Officer, Logica; Phil Kernick, Director, Information Security and Technology; Ben Robson, Director of Operations, IPSec Pty Ltd; Keith Price, National Director, Australian Information Security Association; Nick Ellsmore, Stratsec; James Turner, Advisor, IBRS; Alastair MacGibbon, recently Head of Trust, Safety and Customer Support for eBay Asia Pacific; Joel Hatton, Senior Computer Security Analyst, AusCERT and Nate Cochrane, SC Magazine Editor-in-Chief.

John Reeman, Founder and Chief Technology Officer, VMinformer, said, “We are very honoured to win the Innovation Award. It’s a testament to our belief that security today is an essential part of any organisation’s computer virtualisation strategy. We are thrilled that our technology has been recognised as providing security solutions for virtualised environments that traditional security solutions are simply not equipped to handle as effectively. We look forward to taking our vision and extending it across Australia during the coming year.”


As the industry’s pre-eminent awards program, the annual SC Awards has recognised security’s key contributors and outstanding products for the past three years. The SC Awards honour the professionals, companies and products that help fend off the myriad of security threats that are becoming everyday occurrences in today’s corporate world. Individuals, brands and solutions recognised in the program, address not only the security challenges facing business today, but those that will compromise organisations tomorrow, as virtual computing becomes the computing platform of the future.

SC Awards entries are judged by a panel of leading security officers from large, medium and small enterprises from all major vertical markets – representing the wide distribution of SC Magazine readers.

For more information about VMinformer’s virutalisation security solutions, please go to www.vminformer.com.au


About VMinformer


VMinformer are pioneers in compliance, security and auditing for virtual environments.

Established in 2009 VMinformer have been helping organisations understand how security is an essential part of their virtualisation strategy. Providing both services and solutions VMinformer enables organisations to gain insight, visibility and control of their virtual world.



VMinformer is headquartered in Sydney with a regional office in the UK and sales representation in Europe, Japan and North America. VMinformer sells through partners who either have expertise in virtualisation or IT security.



VMinformer has been designed as an affordable technology for assessing the security posture and compliance of virtualised infrastructure. It has been deployed in over 80 countries.



For further information, please contact:



Patricia Gibson /David Bass

Bass Public Relations                               
patricia@basspr.com.au/
david@basspr.com.au

T: 02 9922 6820



About VMinformer
VMinformer are pioneers in compliance, security and auditing for virtual environments.

Established in 2008 VMinformer have been helping organisations understand how security is an essential part of their virtualisation strategy. Providing both services and solutions VMinformer enables organisations to gain insight, visibility and control of their virtual world.

The company has representative sales offices in Japan, North America and the United Kingdom. VMinformer sells through partners who either have expertise in virtualisation or IT security.

VMinformer has been designed as an affordable technology for assessing the security posture and compliance of virtualised infrastructure. It has been deployed in over 80 countries.

For further information, please contact:

Patricia Gibson /David Bass John Reeman
Bass Public Relations                                Founder
patricia@bassopr.com.au/ john@vminformer.com
david@basspr.com.au T: 02 8004 5422
T: 02 9922 6820

This info came to me from Eric Sloof over at NTPRO.NL it is a Mind Map for Troubleshooting vSphere Network Issues, which is really cool!

Go Check it out over at Eric’s site here…