Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 1906 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VMtools upgrade on Sophos Firewall Manager

balletbob

Hi,

Sophos Firewall Manager is running an unsupported and insecure version of VMtools.

 

How can we update the VMtools component?

 

(Central migration is on the cards but that's not what I'm asking about here)

 

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Please share the details of SFM using below given command.

    console> sfm sh version-info
     
    Please also provide the current version of VMtools available and issue you have found with VMtools used in the Sophos Firewall Manager. It would help us to assist you better.
Reply
  • 0

    Hi  

    Please share the details of SFM using below given command.

    console> sfm sh version-info
     
    Please also provide the current version of VMtools available and issue you have found with VMtools used in the Sophos Firewall Manager. It would help us to assist you better.
Children
  • 0 in reply to Keyur

    Information from the vCentre console:

    • Guest OS:Other (32-bit)
    • Compatibility:ESX/ESXi 4.0 and later (VM version 7)
    • VMware Tools:Running, version:9409 (Unsupported older version)

    VMware Tools:

    • Running Status:Running
    • Version9409 (9.6.1)
    • Version Status:Unsupported older version
      Upgrade or reinstall VMware Tools. This version is not supported with the existing host. See the vSphere Web Client help.
    • Installation Type:Tar installer


    Information from VMware Skyline console:

    Finding ID: vSphere-SpectreMeltdown-VMSA#201804-2
    Severity: MODERATE
    Description: Hypervisor-Assisted Guest Mitigation for branch target injection. Risk if no action taken
    Security Risk Recommendations:
    • Ensure that your VMs are using Virtual Hardware Version 9 or higher.
    www.vmware.com/.../VMSA-2018-0004.html
    https://kb.vmware.com/s/article/52085

    Finding ID: vSphere-legacyVmHW-KB#67282
    Severity: MODERATE
    Description: Legacy virtual machine hardware versions exist in environment. Risk if no action taken
    Recommendations:
    • Virtual machine hardware versions prior to vSphere 5.0 (virtual machine hardware version 8) 6.0 will block upgrade of vCenter Server to version 6.7 or higher. Any legacy virtual machines should be upgraded to vSphere version 5.0 compatibility (virtual machine hardware version 8) or higher to avoid upgrade issues. For more information, see KB 67282.
    Helpful Links
    https://kb.vmware.com/s/article/67282

     

    Results of the console> sfm diagnostics sh version-info command  (serial and device ID removed)

    console> sfm diagnostics show version-info                                                                              
                                                                                                                            
    Device Model:                                   SFMV15                                                                  
    Firmware version:                               SFMOS 17.1.2 MR-2                                                       
    Firmware Build:                                 300                                                                     
    Firmware Loader version:                        0x000003f9                                                              
    Config DB version:                              17.023                                                                  
    Logging Daemon version:                         0.0.0.9                                                                 
    Hot Fix version:                                N.A                                    

     

    I downloaded the ovf and reployed a test SFM and it had hardware version 8 (7 if you use the generic ovf) and still the same out of date vmtools.

  • 0 in reply to balletbob

    Hi  

    Thank you for providing details, please allow us some time to check this for you and I will update this thread with further details.