Home > Blogs > VMware Security & Compliance Blog > Monthly Archives: June 2012

Monthly Archives: June 2012

VMware CP&C releases a FREE vSphere 5.0 hardening guideline compliance checker!

I am hanging out in NYC finishing Cloud Expo East where we delivered a rousing session on Cloud Audit & Control with Coalfire AND CP&C is now VERY pleased to announce the release of our FREE vSphere 5.0 compliance checker! Last week we rolled out the 5.0 hardening guidelines in vCenter Configuration Manager (vCM) making it the first product on the planet to have the 5.0 content for our customers. Today, we are giving you access to a FREE vSphere 5.0 compliance checker! How awesome is that?

It is so easy to download and use that you can run it while watching Euro Cup with the sound of GOOOOOOAAAAAALLLLLLLLL!!!!!!!!!! In the background!

 Here is how the vSphere 5.0 Compliance Checker works: 

  • The Compliance Checker runs an assessment on 5 host systems at a time! (The 1st five being managed by an instance of vCenter Server)


  • The assessment is based on a predefined subset of the 5.0 Hardening Guidelines Content that currently exist today in vCenter Configuration Manager (vCM) Part of the vCenter Operations Manager Suite (vCo Ps)


  • The results for each host includes the rules, the rule descriptions, and the success or failure of each rule


 Check out the following results report from the vSphere 5 Checker


All you have to do is authenticate into the vCenter box that you want to assess hosts on.


The VMware Center for Policy & Compliance FREE Checkers are sweeter than bacon and designed to get you hooked & come back for more! 

Here is the link so you can get started hardening your vSphere Environment today. (Remember, we have FREE checkers for vSphere 4.0 & 4.1 AND for PCI 2.0 Windows & Linux)


Next, look for CP&C to release a HIPAA Checker that will be hotter than the Miami HEAT!

Now this poses a few questions and we would love to get your feedback: 

1. Are free tools like this helpful?

2. How do you currently lock down your vSphere environment?

3. Would remediation of the non-compliance results be a good next step?

4. Do you care about regulatory compliance & vendor best practices? If so, which ones? (PCI, HIPAA, DISA, CIS…) 

Jump in the discussion on any of our social media channels – blogs, Twitter, Facebook, or community forum: 


Cambio y Fuera!

George Gerchow – Director, VMware Center for Policy & Compliance


VMware Center for Policy & Compliance (CP&C) releases vSphere 5.0 hardening guidelines in vCenter Configuration Manager! (vCM)

CP&C is pleased to announce the most anticipated content release to date in vCM, the VMware vSphere 5.0 hardening guidelines! As critical component of the vC Ops suite, vCM is the FIRST product in the market today to have the official GA version of the vSphere 5.0 Hardening Guidelines. This is just another significant step in our Trusted Cloud initiative in helping customers migrate tier one applications to the VMware Cloud Infrastructure Suite.

What does this mean to VMware vCM customers who want to make sure their virtual systems are compliant?

5 new rule groups and two brand new templates:

  VSphere 5.0 p1

 Brand new 5.0 hardening guideline collection filters:

VSphere 5.0 p2

Great executive compliance results and trending dashboards:

VSphere 5.0 p3

You can quickly move from Dashboards to details and see the out of compliance data classes, here is a small sample, there are so many that I cannot get a full coverage screen shot!

VSphere 5.0 p4

Add this DEEP virtualization compliance data to the rich cross platform, heterogeneous change detection, configuration\ patch management, best practices and regulatory compliance content vCM has today & you will be well on your way to successfully hardening your environment. (Yes, I did say Virtual, Physical, Windows, Linux, Servers, Desktops\ VDI…) This is better than bacon!

Whhheeeeewwwww, I ran of breath reading it back.

The guidelines are available today and can be downloaded using the vCM Content Wizard.

 Feel free to hit us up with questions & comments at:

Hasta La Vista,

George Gerchow – Director, VMware Center for Policy & Compliance















vSphere 5.0 Security Hardening Guide Released

I would like to announce the official release of the vSphere 5.0 Security Hardening Guide.  This version represents a significant step in the evolution of this guide.  Based on feedback from customers and partners, the guide was re-structured from the ground up with the following key aspects:

  • The guide is being released exclusively in spreadsheet format.  Many of you have indicated that, although the accompanying text found in previous versions of the guide is interesting, the specific steps for assessment and remediation of the recommendations are really what matters.  Since people often end up putting the guide into spreadsheet format anyway, we figure we'd save you the trouble!
  • All guidelines have the same set of metadata, and a new standardized and extensible identification scheme.  This will enable customers to more readily adapt the guide to suit their particular environment by selecting the specific guidelines and fields that are of interest to them, and also help them in the generation of standard checklists and similar documents.
  • A primary goal for this guide was to enable greater automatability.  To this end, the guide includes both assessment and remediation commands for the three main vSphere CLIs: vSphere CLI (vCLI), ESXi Shell, and PowerCLI.  References have also been added to sections of the vSphere API documentation that relate to each specific guideline. 
  • The previous recommendation levels have been replaced by a system using Profiles. This is part of the move towards putting the guide into industry-standard format, a potential benefit that will be fully realized in the future.

The Introduction tab of the guide describes the new naming scheme, structure, recommendation levels, and other aspects of the guide in more detail.  Please read this tab first before diving into the rest of the guide, as it provides important context.

The vSphere 5.0 Security Hardening Guide has been posted to the VMware Communities in the "Security and Compliance” area, in the Documents tab.  Thanks to everyone who provided feedback on the Public Draft, and also to the team at VMware who contributed to this guide in many significant ways.

Charu Chaubal
Technical Marketing, Cloud Infrastructure