Tag Archives: vSphere Hardening

VMware CP&C releases VMware vSphere 6.0 Hardening Guide Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) team is pleased to announce the release of VMware vSphere 6.0 Hardening Guide Compliance toolkit in VMware vCenter Configuration Manager (VCM). The toolkit consists of automated compliance rules to assess your VMware vSphere 6 based virtualized environments against the hardening guide. It covers 100% of the hardening guide recommendations.

The hardening guide has three risk profiles that group the recommendations based on the sensitivity of your environment. You can pick the compliance toolkit for the respective risk profile, or get all the rules at once and then make modifications to suit your sensitivity category.

VMware CP&C releases vSphere 5.5 Compliance Checker!

The VMware Center for Policy and Compliance (CP&C) team is pleased to announce the general availability of VMware vSphere 5.5 Compliance Checker – an excellent FREE tool to get you started with compliance assessment of your virtual infrastructure with respect to the vSphere 5.5 hardening guide.

The tool can be downloaded here.

You can use this tool for vSphere 5.0, 5.1 and 5.5.

While these simple Compliance Checkers provide some basic functionality and benefits, VMware also offers VMware vCenter Configuration Manager, which automates configuration and compliance management across your virtual, physical and cloud environments, assessing them for operational and security compliance. It comes with capabilities such as compliance management, change management, patch management, software inventory management and other useful features.

vCenter Configuration Manager is a component of VMware vCenter Operations Management Suite, which helps you manage the performance, capacity and configuration of your virtual and physical infrastructure.

So, what are you waiting for? Grab these checkers quickly and roll on the compliance!

Come, join the journey to Start Green Stay Green!

Thanks and regards,
Pravin Goyal

vSphere Security Blog Update


Those of you that follow the vSphere Security blog are probably wondering why there hasn’t been much information posted here. I have been posting in the vSphere Blog in order to get more eyes on the security messaging of vSphere. I would encourage you to follow me there or at @vSphereSecurity on Twitter for more frequent updates.

Please note that the big news is the release of the vSphere 5.5 Hardening Guide. This release comes less than 3 weeks after the general availability of vSphere 5.5. If you have input into future hardening guide releases, please don’t hesitate to contact me!

Here’s a list of a few of the more recent items that I’ve posted in case you missed them.

  1. The vSphere 5.5 Hardening Guide has been released!
  2. vSphere Web Client Roles and Permissions How-To Video
  3. Virtual Appliances getting more secure with vSphere 5.5 – Part 1
  4. Virtual Appliances getting more secure with vSphere 5.5 – Part 2
  5. Virtual Appliances getting more secure with vSphere 5.5 – Part 3
  6. Virtual Appliances getting more secure with vSphere 5.5 – Part 4
  7. ESXi, syslog and logins
  8. “It’s a Unix system, I know this!”
  9. Grant shell access to this user? No worries mate!
  10. Skating your way to the SDDC

Thanks for all your interest in making vSphere an even better and more secure platform. I encourage you to get involved and reach out to me with your input, thoughts and concerns. Security is not a destination, it’s a journey, so we can always be working to make things better!


VMware CP&C releases VMware vSphere 5.1 Hardening Guide Compliance toolkit in VCM!

The VMware Center for Policy & Compliance (CP&C) is pleased to announce the most awaited and anticipated content of the year: the release of VMware vSphere 5.1 Hardening Guide Compliance toolkit in VMware vCenter Configuration Manager (VCM), a key component in the VMware vCenter Operations Suite (vC Ops). As a critical component of the vC Ops suite, VCM is the FIRST product in the market today to have the official GA version of the vSphere 5.1 Hardening Guidelines.



The package comes in 4 versions:

  • Full – Has all recommendations present in the hardening guide
  • Profile 1 – Has only Profile 1 recommendations
  • Profile 2 – Has only Profile 2 recommendations
  • Profile 3 – Has only Profile 3 recommendations

vSphere 5.1 Hardening Guide Release Candidate now available

I would like to announce the release of the Rev B/Release Candidate for the vSphere 5.1 Security Hardening Guide.  This guide should be functionally complete and has been posted for your review and your feedback.

We’d love to hear your feedback, good and bad, on the contents of the guide. I would encourage you to post your reply in the Security and Compliance Communities forum but if you have more sensitive concerns, send it to me at mfoley@vmware.com. The intent is to publish the final GA copy in two weeks with any changes/updates incorporated so get your inputs in as soon as possible!

The vSphere 5.1 Security Hardening Guide has been posted to the VMware Communities in the “Security and Compliance” area, in the Documents tab. A separate Change Log document has also been published with the RC Guide.

Thanks to everyone who provided feedback on the Rev A Draft, and also to the team at VMware who contributed to this guide in many significant ways.

mike foley

VMware (CP&C) Releases PCI 2.0 FREE Compliance Checkers!

Hola Amigos y Amigas,

Today we are going to give you access to two (That’s right, DOS!) FREE downloadable tools that help you get started on the journey to achieving PCI 2.0 Compliance.

The PCI 2.0 Compliance Checkers for Windows and LINUX are fresh off the virtual assembly line and compiled by the good folks at VMware’s Center for Policy & Compliance (CP&C)!

 Here is how they work: 

  • The Compliance Checkers run an assessment on 5 Guest systems at a time!
  • The assessment is based on a predefined subset of the PCI 2.0 Content that currently exists today in vCenter Configuration Manager (vCM), part of the vCenter Operations Manager Suite
  • The results for each guest include the rules, the rule descriptions, and the success or failure of each rule

 Check out the following results report from the LINUX Checker. Pure AWESOMENESS! 


The Compliance Checkers are designed to get you hooked and come back for more! 

Here is the link so you can get started hardening your vSphere and Guest Environment today. (Remember, we have FREE checkers for vSphere 4.0 & 4.1)


The vSphere 5.0 Checker will soon be on its way like a Tim Tebow Comeback! (Too bad his comebacks will be for the Jets, I love my Broncos but am not happy about the Manning move.) Just sayin…

Now this poses a few questions and we would love to get your feedback: 

1. Are free tools like this helpful?

2. How do you currently lock down your vSphere environment?

3. Would remediation of the non-compliance results be a good next step?

4. Do you care about regulatory compliance & vendor best practices? If so, which ones? (PCI, HIPAA, DISA, CIS…) 

Jump in the discussion on any of our social media channels – blogs, Twitter, Facebook, or community forum: 

 Peace Out!

George Gerchow – Director, VMware Center for Policy & Compliance