Home > Blogs > VMware Security & Compliance Blog

VMware (CP&C) Releases PCI 2.0 FREE Compliance Checkers!

Hola Amigos y Amigas,

Today we are going to give you access to two (That’s right, DOS!) FREE downloadable tools that help you get started on the journey to achieving PCI 2.0 Compliance.

The PCI 2.0 Compliance Checkers for Windows and LINUX are fresh off the virtual assembly line and compiled by the good folks at VMware’s Center for Policy & Compliance! (CP&C)

 Here is how they work: 

  • The Compliance Checkers run an assessment on 5 Guest systems at a time!
  • The assessment is based on a predefined subset of the PCI 2.0 Content that currently exist today in vCenter Configuration Manager (vCM) Part of the vCenter Operations Manager Suite
  • The results for each guest includes the rules, the rule descriptions, and the success or failure of each rule

 Check out the following results report from the LINUX Checker. Pure AWESOMENESS! 


The Compliance Checkers are designed to get you hooked and come back for more! 

Here is the link so you can get started hardening your vSphere and Guest Environment today. (Remember, we have FREE checkers for vSphere 4.0 & 4.1)


The vSphere 5.0 Checker will soon be on its way like a Tim Tebow Comeback! (Too bad his comebacks will be for the Jets, I love my Broncos but am not happy about the Manning move.) Just sayin…

Now this poses a few questions and we would love to get your feedback: 

1. Are free tools like this helpful?

2. How do you currently lock down your vSphere environment?

3. Would remediation of the non-compliance results be a good next step?

4. Do you care about regulatory compliance & vendor best practices? If so, which ones? (PCI, HIPAA, DISA, CIS…) 

Jump in the discussion on any of our social media channels – blogs, Twitter, Facebook, or community forum: 

 Peace Out!

George Gerchow – Director, VMware Center for Policy & Compliance



4 thoughts on “VMware (CP&C) Releases PCI 2.0 FREE Compliance Checkers!

  1. Bill A

    G-Money, this utility rocks!
    I’ll make sure I get some awareness out to the partner community.

  2. rjhintz

    Yes free tools are helpful. The actions should depict enough detail to be able to show auditors who are working from checklists what was done, what part of the standard was being addressed, and an indicator of success.
    As a next step, I’d consider modeling a specific remediation step to show expected result as opposed to committing a remediation. Then, after that, optionally committing (with a rollback option).
    Standards we’re following include: PCI-DSS, HIPAA/HITECH, FERPA, SOX, Gramm-Leach-Bliley, FISMA, California Information Practices Act, California Confidentiality of Medical Information Act, and ITAR. Not all of these lend themselves to checklist compliance, unfortunately.
    I’ll try to put this in Twitter. 😉


  3. Thesaffageek

    PCI-DSS and SOX are the biggest two i’m seeing in the field and the release of the vSphere 5 version along with the VMware hardening guide for integration into vCenter Configuration manager would also be highly helpful seeing as vSphere 5.1 is almost out never mind how long vSphere 5 has been.

  4. PaoloM

    We installed the appliance but we got the error : “Error Connecting to Host Service Istance ( IP Address; User ID: vcenter-ssg\administrator).
    Any suggestion on how to solve this issue and and going further ?

Comments are closed.