https://core.vmware.com/security-configuration-guide
Is there anything available for the VMware Security Configuration Guide? I was hoping there was a compliance management pack but I don't see one.
I think this might be everything that I needed:
Configure > Alerts > Alert Definitions > search for “security configuration guide” > Edit each alert definition and assign it to the default policy.
After doing this, the Optimize > Compliance pane displayed two new compliance sections:
"vSphere Security Configuration Guide" and "vSAN Security Configuration Guide".
The alert definitions are categorized as "version 7 and above", but I'm assuming the Security Configuration Guide settings for vSphere 8 may be included:
Sorry, could you elaborate.. Compliance management pack for?
A compliance pack that includes the latest hardening and security settings straight from VMware. The link I provided goes to the guide in question.
We have it for the VCF environment, are you looking in specific for the vSphere alone?
VMware Cloud Foundation 4.2 Compliance Kit | VMware
The link you provided looks similar to the vSphere security/hardening guide. I was looking for a management pack that could be installed within Aria Ops.
There you go VMware Marketplace - View Solution
For other compliance packs checkout - VMware Marketplace - View Solutions
I installed the CIS and ISO compliance packs, but they don't match up with the VMware Security Configuration Guide.
I did however find one alert definition that has some of the settings that I was looking for:
Do you or anyone else know where these alerts came from? They appear to be defined in the vCenter object and its descendants. I don't want to try to piece together all of the alert definitions, so I'm hoping there is some information on where these came from.
I think this might be everything that I needed:
Configure > Alerts > Alert Definitions > search for “security configuration guide” > Edit each alert definition and assign it to the default policy.
After doing this, the Optimize > Compliance pane displayed two new compliance sections:
"vSphere Security Configuration Guide" and "vSAN Security Configuration Guide".
The alert definitions are categorized as "version 7 and above", but I'm assuming the Security Configuration Guide settings for vSphere 8 may be included: