Category Archives: Security

ESXistentialism and Remote Logs

vNinja.net poses the challenging question “Why Can’t I Syslog my VMware ESXi Installation?”

Since ESXi supports, and actively encourages, the use of an external Syslog service for log file safekeeping and monitoring, shouldn’t the installation logs for ESXi also be logged externally if configured?

[…]

I was very surprised to see that there is no option to configure syslogging until after the installation is finished and the host configuration script(s) runs (ks.cfg).

By using a ks.cfg script you can automatically configure syslog settings, but since that happens after the installation is done, and the host is potentially rebooted, the installation logs are lost (ESXi logs are not persistent by default) unless you run something that copies them over to another location before the reboot happens.

Philosophically, this reminds me of what Sartre wrote in Existentialism and Humanism:

What do we mean by saying existence precedes essence? We mean that man first of all exists, encounters himself, surges up in the world — and defines himself afterwards.

In other words, it takes an external force to enable a remote log configuration at a point earlier than a system itself has any awareness. An upgrade is an easier situation to address, since the system is already aware of itself. A first build, however, at the early stages with few bits in place, raises the question of when installation really begins. Before a system exists, it will not be able to log remotely.

NIST Cloud Roadmap SP 500-293

The RSA Beijing Conference has had many sessions on compliance and cloud. NIST guidelines have come up repeatedly along with FISMA and other regulation references. The American civilian organization is clearly a global leader in this field and followed closely in China; however, I have not seen any mention yet or discussion of yesterday’s announcement on 500-293:

PCI DSS 2.0 open for review

The PCI SSC has invited QSAs to send input after November 1, 2011 on DSS 2.0. They want to hear about areas that need to be “clarified, updated or changed to enhance the protections for cardholder data.”

An online tool as well as a spreadsheet are available, but each QSA organization is allowed only 5 feedback items in this phase of the next three-year period.

December 31, 2011 marks the sunset of version 1.2.1 for both the DSS and PA-DSS.

Dell Launches Cloud

Dell now offers a cloud service based on VMware vCloud Datacenter. Note the word chosen to lead the description is “secure”:

The Dell Cloud provides a secure, flexible option for customers looking for additional capacity to handle spikes in demand or cost savings by not building additional data centers. Leveraging VMware technology, the Dell Cloud provides a seamless extension of existing enterprise infrastructure running on the industry leading VMware platform.