VMware Cloud Community
BobNiaan
Contributor
Contributor
‎05-16-2017 09:19 AM

Can I use vsphere instead of vcenter for vROPs?

Hi, im really new to vROPs, so my issue is whether I am able to just use my ESXi vSphere 6.5 to allow me to use vROPs instead of using vCenter as I need vROPs to help me on hardening of my host. This is because I only have 1 host and have a few VMs running only, thus do not need vCenter. However, upon installation of vROPs, I realize that they require me to configure my vCenter Adapter which needs a vCenter credential which I do not have. Any help would be appreciated, thanks!

Reply
0 Kudos
5 Replies
Kpitt
VMware Employee
VMware Employee
‎05-16-2017 09:29 AM

Hi BobNiaan,

I don't see this listed in the documentation, but if you edit the vSphere Solution to add an adapter instance you can put the IP/FQDN of the ESXi host and it should present you with a certificate to accept and the test should work (provided you use a high level credential, in my case, I just used root).

I just tested this in my lab, the adapter instance got created, and I'm currently waiting for metric data to populate for the objects under that host. I will report back in a little while to let you know if I am getting metrics.

-Kyle

Reply
0 Kudos
BobNiaan
Contributor
Contributor
‎05-16-2017 10:59 AM

I've tried putting my ESXi 6.5 IP at the 'vCenter Server' box under Basic Setting during configuration and it seems to 'work'. However, it's not showing any risk and alerts whatsoever and furthermore it requires me to go in quite deep to find my host (Environment > vSphere Hosts and Clusters > vSphere World > ESXi 6.5 > ha-datacenter > esxi-host ). As stated in my question above that I need to check where my host is hardened, is there a way for vROPs to show the risk on my host using the Security Hardening Guideline vSphere 6.5?

Reply
0 Kudos
Kpitt
VMware Employee
VMware Employee
‎05-16-2017 11:49 AM

You would need to assign the Hardening Policy to the host... See attached. If this host is the only thing in your vROps environment, you can simply make the Hardening Guide the default.

I don't think the vSphere Adapter was meant for just a single host, I surprised myself when it prompted me with the Certificate so it doesn't surprise me you have to dig a little to get to it.

-K

Preview file
54 KB
Reply
BobNiaan
Contributor
Contributor
‎05-16-2017 09:29 PM

After making the hardening guideline my default policy, it seems that there isn't anything like alert shown. Does this means that my host is fine or did I do something wrong? (See attached picture)

Preview file
98 KB
Preview file
70 KB
Reply
0 Kudos
sxnxr
Commander
Commander
‎05-18-2017 03:00 AM

I have not done this so am not an expert in any way but try clicking the two arrows next to all metrix in your second screen shot then select analysis the compliance. That should show you if you are complaint or not according to the policy

Reply