This is something that has been long sought after by many. The hardening guide is 38 pages long packed with hardening information for the vRA Appliance, IaaS Server, Identity Appliance, and Application services appliance. This document takes you through the hardening of the SLES 11, PostgresSQL, Windows Host including SQL Server, IIS, and Microsoft .Net. The hardening guide also covers the network security and securing communications between the vRA components.
The network security section of the guide includes a complete list of all the vRA components and the ports/protocols that are used by the component. Even if you are not ready to start creating a fully hardened deployment it’s worth taking a look at the guide and becoming familiar with the the communications between the different components.
Continue reading “VRealize Automation – vRA (vCAC) 6.2 – Hardening Guide Released”
I am frequently get asked “Should we deploy the vRealize Automation Identity Appliance or should we connect vRealize to the vCenter SSO server”? The answer to this really depends on what is important to you. There are pro’s and con’s both scenarios. Let’s look at the vRealize Identity appliance first.
vRealize Identity Appliance
The major benefit to running the vRealize Identiy appliance is that it is released as part of the vRealize Automation code stream. This is important because if new features are released in vRealize Automation that have dependencies on specific support from the SSO server the Identity Appliance will be updated with the needed support. This will allow you upgrade when a new version is released without having to worry about external dependencies.
The downside of running the vRealize Identity Appliance is the extra administrative overhead, especially of you are deploying an HA environment. It’s extra servers to support, backup, and maintain on top of the vRA Appliance, IaasS Server, and any deployed for DEM’s/Agents. Not a huge deal, but it’s something to consider.
Continue reading “vRealize Autoamtion – vCAC 6.x – Identity Appliance vs. vCenter SSO Server”
Are you getting ready for the pending release of vRealize Automation 6.2 next week? If so you’ll want to make your first stop GitHub to download Brian Graf’svCAC62-PreReq-Automation.ps1 script. If you are not familiar with Brian’s PreREq automation scrip, it is a script that configures all of the needed requirements ion your Windows IaaS server prior to installing vCAC. Brian did a fantastic job with the creation of this, it is a must have if you are installing vCAC from scratch.
In this version he updated the script to account for vCAC 6.2 Pre-Requisites so head on over to https://github.com/vtagion/Scripts/blob/master/vCAC62-PreReq-Automation.ps1 to download the script and get familiar with it to be prepared for the pendinf release.