posted

6 Comments

In a previous blog post, we demonstrated how you can easily automate the hardening of your Virtual Machines by using a PowerCLI or vSphere SDK for Perl script and apply the latest vSphere 5.0 Security Hardening Guide recommendations for your Virtual Machines. Now, this is great for securing your existing Virtual Machines, but what about new Virtual Machines that are created? Wouldn’t it be neat to have your Virtual Machines automatically secured after they have been created?

This is exactly what you can do by leveraging the scripts we have written in our last article and using a vCenter alarm. The video below demonstrates how you can create a vCenter alarm that is triggered when a Virtual Machine is created and executes either a PowerCLI or vSphere SDK for Perl script.

Note: To prevent the alarm from creating a red icon on your Virtual Machines, make sure you specify status to “unset” when creating the trigger.

You can download the contents of the Scripts directory here which contains both the batch script to run the PowerCLI and vSphere SDK for Perl script as well as the individual scripts themselves which applies the advanced settings to the Virtual Machines. To use these scripts, you will need to install either PowerCLI or vSphere SDK for Perl (part of vCLI) on your vCenter Server as well as upload the Scripts directory to the path of your choice.

As you can see, you now can now ensure that all Virtual Machines in your vSphere environment will always be secured as the latest security hardening parameters are automatically applied when a new Virtual Machine is created.

More information on using vCenter Alarms to run PowerCLI scripts can be found in this post.

Get notification of new blog postings and more by following lamw on Twitter:  @lamw

About the Author

William Lam

William Lam works as a Staff Engineer in VMware R&D and focuses Automation, Integration and Operations. William also runs a personal blog at www.virtuallyghetto.com. Previous to VMware, he was a Systems Engineer managing large vSphere installations and UNIX/Linux systems.