security audit survival guide

The main point of a security audit is not to try and strangle the auditor, he is just doing his job, although you might think he is there to make your life impossible. I have put together a collection of posts, so you need not fear the dreaded visit of the men in dark suits... …

Security Audit – Set time source

For logging to be valid a time source (ntp server) should be set on each host To configure or change the setting see the post Reconfigure NTP Servers by esx cluster as this will save you heaps of time...:-)   This configuration can then be validated through powerCLI or vCenter Get-VMHost <hostname> | Select Name, …

Security Audit – Set and validate lock down mode for multiple hosts

It seems like the audit community have understood lockdown mode and are typically requesting that it is applied By enabling lockdown mode, no users other than vpxuser have authentication permissions, nor can they perform operations against the host directly. Lockdown mode forces all operations to be performed through vCenter Server. Though be warned if you …

Useful NSX commands

Controller status commands # show control-cluster status # show control-cluster connections # show control-cluster startup-nodes # show control-cluster roles # show control-cluster history # join control-cluster xxx.xxx.xxx.xxx # join control-cluster xxx.xxx.xxx.xxx force # show status # show network interface # show network default-gateway # show network dns-servers # show network ntp-servers # show network ntp-status …

NSX Labs – Nested ESXi for NSX Lab

Nested ESXi for NSX Lab In my last lab build for NSX I came across some issues that were very time consuming to diagnose as they only show up when you start working with nsx I built the nested esx lab in esxi5.1 with vsphere 6 esxi and vsca. See the diagrams in other post for …

PowerCLI – Find mac in a haystack

find a vms mac in two minutes with this really useful one-liner Get-VM | Get-NetworkAdapter ´ | Where-Object {$_.MacAddress -eq "00:50:56:xx:xx:xx:"} | Select MacAddress,NetworkName,Name,Parent,ConnectionState Ok, it's a bit slow to run, this function by Robert van den Nieuwendijk is much faster   [code language="powershell"] function Get-VmByMacAddress { <# .SYNOPSIS Retrieves the virtual machines with a …