| VMware Carbon Black Cloud Workload 1.1.1 | 14 DEC 2021 Check for additions and updates to these release notes. |
Overview
VMware Carbon Black Cloud Workload is a data center security product that protects your workloads running in a virtualized environment. It provides an ability to ensure workloads have built-in protection making security intrinsic to the virtualized environment. It includes core capabilities such as agent-less delivery, inventory, lifecycle management, vulnerability assessment, and remediation. It also includes endpoint protection capabilities such as next-gen antivirus, real-time threat hunting and endpoint detect and response.For more information, see:
What's New
The VMware Carbon Black Cloud Workload appliance 1.1.1 security patch release addresses the CVE-2021-44228, Security Advisory (VMSA-2021-0028).
Upgrade Instructions
Prerequisites for the upgrade:
- Make sure the appliance root password is not expired.
- Launch the Web Console for the appliance.
- Log in as root and change the password when prompted.
- Add Appliance DetailsRead permission in your custom Access Level.
Trigger upgrade:
- When Carbon Black Cloud Workload appliance is active.
| Carbon Black Cloud Workload appliance with version 1.1.0 | Carbon Black Cloud Workload appliance with version 1.0.2 | Carbon Black Cloud Workload appliance with version 1.0.1 |
|---|---|---|
| Log in to the appliance, navigate to the Upgrade page, and click the Upgrade Now button. | Log in to the appliance, navigate to the Upgrade page, and change the upgrade schedule time to upgrade immediately. UTC is the default timezone used for all date time fields. |
Please refer to Upgrade Appliance To 1.0.2. |
- When Carbon Black Cloud Workload appliance is not booting up, follow this KB to resolve the issue.
- If the Registration page, part of the Carbon Black Cloud appliance console, shows the cloud registration with a red alert icon, use the Configure a Firewall document to check the configuration.
- If the configuration is correct and you still see a red alert icon, perform a Carbon Black Cloud registration.
- If the configuration is incorrect, modify it to establish a cloud connectivity. Then, refer to the table above to upgrade the active Carbon Black Cloud Workload appliance.
Known Issues
-
Appliance reboot generates certificates even if old ones exist
After an upgrade or install of a Carbon Black Cloud Workload appliance, reboot of the appliance causes the generation of new certificates even if such already exist. As a result, the vCenter Server detects a mismatch in the thumbprint and causes the Carbon Black Cloud Workload plug-in to stop working.
Workaround: After the upgrade is complete, check the Carbon Black Cloud Workload plug-in. If the plug-in version is still on its previous version, or shows either of the errors:
no healthy upstream
503 service unavailable
follow this KB to resolve the issue.
-
Carbon Black Cloud Workload appliance might show with outdated Last Checkin time
The Carbon Black Cloud Workload appliance status visible on the Settings > API Access page from the Carbon Black Cloud console might report with an outdated Last Checkin time.
Workaround: None
-
Carbon Black Cloud console displays unreachable appliance as eligible
On the Carbon Black Cloud console, from the Inventory > Workloads > Not Enabled tab, you can filter VMs based on the Eligibility status. Some eligible VMs are listed with a note 'Not eligible. Unreachable appliance' if the on-premise appliance is unable to communicate with the Carbon Black Cloud. Even though the appliance is unreachable, the Carbon Black Cloud console displays the unreachable appliance under the Eligible filter.
Workaround: None
