Digital transformation is not without its challenges. Businesses today are faced with increasingly complex environments and a growing need for efficiency. At the same time, there are new and highly sophisticated threats every day, and organisations still need to support existing and new apps, as well as services and frameworks.
This is no easy task, said Ray O'Farrell, VMware's CTO, during his keynote address at VMworld 2016 Europe in Barcelona this morning.
With these challenges in mind, O'Farrell said VMware has added a slew of security enhancements to its recently launched vSphere 6.5 platform. The company addressed three major areas: a dramatically simplified experience, comprehensive built-in security, and a universal app platform.
In terms of security, he said the enhancements focus on three pillars: "Secure access, secure infrastructure and secure data."
In order to accomplish this, O'Farrell said vSphere 6.5 debuts several security features. Firstly, audit quality logging. In the past, vShpere logs were focused more on troubleshooting than security.
This has changed in vSphere 6.5, which features advanced logging. Logs are now actionable by sending the complete vCenter event out via the syslog data stream. Instead of getting a notice that 'something' has changed, the system lets the user know exactly what has changed, what it changed from, and what it changed to, said VMware.
The platform also introduces the Secure Boot feature. With this feature enabled, the UEFI firmware validates the digital signature of the ESXi kernel against a digital certificate in the UEFI firmware, making sure that only a properly signed kernel boots. For ESXi, VMware has taken Secure Boot a step further by adding cryptographic assurance of all components of ESXi.
Finally, encryption has been added to vSphere 6.5. Encryption will occur in the hypervisor, 'beneath' the virtual machine. As I/O comes out of the virtual disk controller in the VM it is instantly encrypted by a module in the kernel prior to being sent to the kernel storage layer. Both VM Home files and VMDK files are now encrypted.
Share