Posts

Showing posts from May, 2022

Configuring TLS (Secured Authentication) for vRA-vRO Appliances

Scope and Purpose of the Blog

This blog covers the use case and requirements for configuring TLS (Secured Authentication) settings on vRA and vRO appliances. It aims to mitigate the major risk of vRA and vRO communicating with the domain controller for LDAP queries in plain text or with weak ciphers. It configures the servers/devices to communicate with domain controllers using TLS (Secured Authentication).

Assumptions and Constraints

The following assumptions were made while creating this document:

For performance considerations, TLS is not enabled for localhost connections between some application services. Where defence in depth is of concern, enable TLS on all localhost communications.

Disable insecure protocols such as SSLv2, SSLv3, and TLS 1.0 on all load balancers if TLS is terminated on the load balancer.

vRealize Automation deployment uses strong TLS protocols to secure transmission channels for vRealize Automation appliance componen...

Forwarding DMZ firewall Logs to VRLI

Scope and Purpose of the Blog

This document describes the detailed steps for conducting a POC that configures vRLI as the syslog server for a physical device, here the DMZ firewalls, by using the firewalls' own setting to forward predefined logs to a syslog server. If it succeeds, vRLI will capture the logs and save them as events in its database. If we later want to export those logs from vRLI, the export will be in CSV format.

Assumptions and Constraints

The following assumptions were made while creating this document:

One test device is available on which the settings can be made for this POC.

The vRLI cluster is working fine.

Further action will be decided on the basis of the POC results.

Procedure

Configuring the vRLI server as Syslog Server in the Test Device:

Open the Syslog settings on the device "TEST Machine" and the dialog box below will open.

Here, enable the syslog server.

Ent...