VMware Cloud Community
BobNiaan
Contributor
Contributor

How to do hardening check on vSphere 6.5 using script?

I am having an issue trying to figure out a way to the a hardening check based on vSphere 6.5 Hardening guideline using a script that is able to be used in Ansible. This is so that I am able to check the compliance/risk of my bare-metal installation of my vSphere 6.5. I do know that I can use vRealize to automate thing however I am looking for another option as I not into purchasing vRealize at the moment. Any help would be appreciated!

1 Reply
Diskonekted
Contributor
Contributor

Hi BobNiaan​,

Sounds like you're after SCAP (Security Control Automation Protocol) content so that you can create the configuration baseline and then ratify against that. There are some STIGs (Secure Technical Implementation Guides) here, but these may not be SCAP automated - I've not used them before.

There's some details out in the wild about using vCenter Configuration Manager to perform these tasks (link), but again, I've never performed this. Alternatively, you can create you're own content using a tool like this (another link on this topic).

Others in the community seem to have scripted this via different means (link).

Diskonekted