Since VMware has declared the end of life for vRealize Compliance Manager, and ended the vRealize Air Compliance, what tools are left that are good at:
-Reporting on the security and compliance posture of your enviroinment (i.e. comliance with PCI, HIPAA, VMware Risk Profiles, etc.)
-Automatically enforcing those compliance standards
Suggestions, gotchas, experiences?
(Does anyone still use this community?)
Thanks!
Hello,
vRealize Operations will bring in some of that data for you. However, you need to enable it for use under Administrator->Policies, this is not 100% complete, nor can you set scope settings, and is only easily checked things that I can see.
HyTrust, Catbird Security also have that data available yet still not 100% complete but better than most.
CISecurity has a Scanner if you are a member, but once more is not 100%.
I have a scanner but it is not 100% complete, but does cover most things for Host, VM, and started on Networking.
William Lam wrote a small scanner to cover most easily checkable things (anything in the DOM of the host).
So they do exist, just not many complete ones. If you have vRops, enable it and it should help. If you do not, there are some other options, even contact me and we can sort something out.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2016
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
An option is vRealize Configuration Manager: Compare vRealize Operations Editions | United States
Hello,
vRealize Operations will bring in some of that data for you. However, you need to enable it for use under Administrator->Policies, this is not 100% complete, nor can you set scope settings, and is only easily checked things that I can see.
HyTrust, Catbird Security also have that data available yet still not 100% complete but better than most.
CISecurity has a Scanner if you are a member, but once more is not 100%.
I have a scanner but it is not 100% complete, but does cover most things for Host, VM, and started on Networking.
William Lam wrote a small scanner to cover most easily checkable things (anything in the DOM of the host).
So they do exist, just not many complete ones. If you have vRops, enable it and it should help. If you do not, there are some other options, even contact me and we can sort something out.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2016
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
OK great - thanks for the input.