The VMware Center for Policy & Compliance (CP&C) is pleased to announce the availability of Payment Card Industry Data Security Standard (PCI DSS) 3.0 Compliance toolkit for Virtual Environment in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops) suite.
PCI DSS 3.0 comes into effect from January 1, 2014. We churned it pretty quickly and now have the PCI DSS 3.0 compliance toolkits available for below VMware vSphere based virtual environments:
VMware vSphere 5.0
VMware vSphere 5.1
VMware vSphere 5.5
The toolkit contains various PCI DSS 3.0 compliance rules grouped into respective virtual objects in the form of rule groups and templates:
VMware vSphere Hypervisor (Virtual Environment based)
VMware vSphere vCenter Server (Virtual Environment as well as Windows based)
VMware vSphere Guests (Virtual Environment based)
VMware vSphere Network (Virtual Environment based)
VMware vSphere SSO (Windows based)
VMware vSphere Web client (Windows based)
You can download the packages using Compliance Content Wizard tool in VCM or from VMware solution exchange and begin to use them.
Below is a quick summary of the release and walk-through of the compliance process using VCM:
Step 1 – Collect just the required data from the virtual objects using granular collection filters
Step 2 – Run the PCI DSS 3.0 compliance templates to get an assessment of your virtual environment – That’s it!
Step 3 – Track your PCI DSS 3.0 compliance posture using these great dashboards:
From there, you can see the individual rules behind the content that is surfaced in the dashboards. Also, you can easily group the template results to suit your requirements:
Start nailing down the most critical ones first and then the rest. You can just drag n drop the template results and group them by severity to make it easy for your VI admin to fix the infractions. Isn’t that cool!
Keep in mind that VCM manages not only virtual environments, but covers physical as well. It is the market leader in Configuration Audit, Change Detection, Patch Management and COMPLIANCE content. With new additions such as Scripted Remediation Framework, high level of OS patch automation with auto deploy functionality, Easy install and setup, SCAP based compliance and a new look and feel, it is better than ever before!
Lookout for the PCI DSS 3.0 compliance rule groups and templates for *NIX and Windows environment – Coming Soon!
Come, join the journey to Start Green Stay Green!
Thanks and regards,
RHCE | HP-UX CSA | VCP | MBA | CISSP | GISP | CCSK | CloudU | CompTIA CE | ITIL-F | ITSM-F