First of all, I am very sorry for the long period of time between the previous episode and this follow up. In the previous post, documents related to security and hardening like “vSphere Security Guide” and “VMware vSphere Security Hardening Guide” were discussed.
An overview of some tools for checking vSphere compliance:
- vCenter Configuration Manager
- Free Compliance checkers for vSphere,
- Third party tools
vCenter Configuration Manager (vCM)
vCM is a component of vCOM (vCenter Operations Management Suite) and can be used to continuously assess the configuration compliance of physical and virtual environments, like VMware vSphere, Windows and Linux operating systems.
Assessments can include IT defined internal standards, Security best practices, Vendor hardening guidelines (like the VMware vSphere Security Hardening Guide) and Regulatory mandates like HIPAA, PCI en SOX.
The downside is that vCM is not free, but you can download a trial, in fact you will download vCOM. More information on vCM, vCOM and links to the free Compliance Checkers can be found here.