As an vCenter Server administrator, you always want to minimize the emergency downtime. You can now monitor all data center vulnerabilities from the AppDefense plug-in. You can locate vulnerabilities using AppDefense and align the scheduled downtime with vulnerability patches or updates. So, with the help of AppDefense, you can proactively minimize the risk of an emergency downtime. To enable the vulnerability assessment feature, you should have AppDefense Service (SaaS) subscription and the AppDefense Appliance must be connected to AppDefense Service (SaaS). Vulnerability feature is supported from AppDefense Appliance version 2.3.0.0 or later.

AppDefense looks into data center vulnerabilities related to:

  • vCenter Server and ESXi hosts. To view VMware products vulnerabilities, AppDefense Appliance must have version 2.3.0.0 or later.
    Note: vCenter Server and ESXi related vulnerabilities are not available from version 2.3.2.
  • Operating System (OS) of virtual machine. To view OS vulnerabilities, AppDefense Guest Module and AppDefense Host Module must have version 2.3.0.0 or later.
  • Applications installed on the virtual machine. To view application vulnerabilities, AppDefense Guest Module and AppDefense Host Module must have version 2.3.0.0 or later.

AppDefense assesses vulnerabilities for:

  • VMware Products: vCenter Server and ESXi. VMware publishes a security advisory for every vulnerability found in VMware products with the patch information. Each vulnerability contains information like product affected, version, whether any patch is available, workarounds, and also contains attack vectors and CVSS score. With AppDefense, you can now find the vulnerability information related to vCenter Server and ESXi hosts on the AppDefense plug-in dashboard.
  • Windows Operating Systems: For Windows OS, AppDefense looks for OS details and the security patches applied on each VM. When some of security patches associated with a vulnerability are not applied, the VM is flagged as vulnerable.
  • Linux Operating Systems: For Linux OS, AppDefense looks for OS details with the list of all installed packages. AppDefense determines the vulnerable packages installed on the VM and reports the CVEs against those packages.

AppDefense Plug-in Dashboard

You can view Vulnerabilities on the AppDefense plug-in dashboard Summary tab.

  • In the left navigation pane, click the AppDefense icon.
  • On the AppDefense plug-in dashboard Summary tab, go to the Vulnerabilities widget. Only critical vulnerabilities are listed and categorized based on the vulnerable asset.
Note: To view vulnerabilities, you must be connected to AppDefense Service (SaaS). If you are not connected to AppDefense Service (SaaS), enable AppDefense Service (SaaS) as described in Step 1 C: Enable AppDefense Service (SaaS).

\

To go to the list of all vulnerabilities available on the Vulnerabilities tab, click View All. Only the VMs that have version 2.3.0.0 or later, are considered in the Assets Monitored count.