1 Reply Latest reply on Nov 18, 2012 9:19 AM by lamw

    Location of VMa in relation to virtual center and VMware hosts

    sstratilalta Lurker

      Hi, I am in the process of deploying the "vmwarevSphereSecurityHardeningReportCheck.pl" script into our PCI environment. The question that has us hung up right now is the best place on our network to locate the VMa to run the script from. This quickly leads to a discussion of what ports this script uses to communicate with vCenter and ESX hosts. From my research it looks like it will use port 443 and potentially 80. Can anyone offer any insight on the best way to deploy this? Ideally I would like to deploy it on our internal network and open up the ports it needs to get into our PCI network; however, I need to lock down the ports it needs before our security team will allow me to move forward.



        • 1. Re: Location of VMa in relation to virtual center and VMware hosts
          lamw Guru
          VMware Employees, Community Warriors

          The script uses 443 (HTTPS) to connect to the vSphere API and 80 (HTTP) for a few file validations. The script was created with reliance on a few UNIX/Linux tools such as openssl, etc., so vMA was a quick way for users to download a Linux appliance that includes the vCLI, which uses the vSphere SDK for Perl. You technically can probably run this on another UNIX/Linux system that has the vCLI installed, but you can always validate it on vMA first and port it off to your own hardened system if you wish.