Related Tips & Info

Securing ZENworks Virtual Appliances with System Updates

asudheer
 
0 Likes

About ZENworks Virtual Appliance



As we all know ZENworks Virtual Appliance is an alternate way to traditional way of deployment & installing ZENworks Server. This is fast, convenient, lowers deployment costs and accelerate time-to-value with a “plug-and-play” virtual appliance.

Securing ZENworks Virtual Appliance



As we release a newer version of ZENworks, the Virtual Appliance is being built with the latest version of SUSE Linux OS that will have the security vulnerabilities fixed up to date. However the timeline to upgrade the zone to the latest version of ZENworks can be different for each customer.

Securing ZENworks Virtual Appliance is essential to resolve all applicable critical vulnerabilities.



How to Secure



Novell has established a way that make this process easier, better in order to make appliance servers more compliant.

Novell identifies all the security patches that are critical & applicable to various versions of virtual appliances, which in-turn are for respective SLES Linux OS versions and its service packs. These security patches are included in ZENworks Update Channels, which will have all the previous security patches. These channels are built to support RPM metadata. This is then wrapped as a System Update containing zypper way of applying the packages that are part of these security patches.

Zypper, a package managers, that provides a powerful satisfiability solver to compute package dependencies and a convenient package management API.

Process of Securing



Security updates for ZENworks Virtual Appliance are posted to Technical Information Document Knowledgebase.

This can be downloaded, imported into the zone & schedule applying the security patches. These security patches are designed to be cumulative & thus applying the latest Security Updates will obsolete all the previous Security Updates.

The first Security Update is now available & address the following vulnerabilities


    • GNU Bash Remote Code Execution aka ShellShock Vulnerabilities

 

    • Mozilla Network Security Services Vulnerabilities

 

    • GHOST: glibc gethostbyname buffer overflow




Happy Patching ZENworks Appliances…

 

Labels:

How To-Best Practice
New Release-Feature
Comment List
Related
Recommended

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.