Securing ZENworks Virtual Appliances with System Updates

Securing ZENworks Virtual Appliances with System Updates

About ZENworks Virtual Appliance



As we all know ZENworks Virtual Appliance is an alternate way to traditional way of deployment & installing ZENworks Server. This is fast, convenient, lowers deployment costs and accelerate time-to-value with a “plug-and-play” virtual appliance.

Securing ZENworks Virtual Appliance



As we release a newer version of ZENworks, the Virtual Appliance is being built with the latest version of SUSE Linux OS that will have the security vulnerabilities fixed up to date. However the timeline to upgrade the zone to the latest version of ZENworks can be different for each customer.

Securing ZENworks Virtual Appliance is essential to resolve all applicable critical vulnerabilities.


How to Secure



Novell has established a way that make this process easier, better in order to make appliance servers more compliant.

Novell identifies all the security patches that are critical & applicable to various versions of virtual appliances, which in-turn are for respective SLES Linux OS versions and its service packs. These security patches are included in ZENworks Update Channels, which will have all the previous security patches. These channels are built to support RPM metadata. This is then wrapped as a System Update containing zypper way of applying the packages that are part of these security patches.

Zypper, a package managers, that provides a powerful satisfiability solver to compute package dependencies and a convenient package management API.

Process of Securing



Security updates for ZENworks Virtual Appliance are posted to Technical Information Document Knowledgebase.

This can be downloaded, imported into the zone & schedule applying the security patches. These security patches are designed to be cumulative & thus applying the latest Security Updates will obsolete all the previous Security Updates.

The first Security Update is now available & address the following vulnerabilities


  • GNU Bash Remote Code Execution aka ShellShock Vulnerabilities

  • Mozilla Network Security Services Vulnerabilities

  • GHOST: glibc gethostbyname buffer overflow



Happy Patching ZENworks Appliances…

 

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2015-03-05 18:36
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.