The first version of the new VMware Compliance Checker for vSphere tool is now available for download.
VMware Compliance Checker for vSphere lets you scan your ESX and ESXi hosts for compliance with the VMware vSphere hardening guidelines to make sure your hosts are properly configured. It also lets you save and print your assessment results, so you can track your compliance level over time, or use them as documentation for internal audits.
Installing VMware Compliance Checker for vSphere
After downloading the VMwareComplianceCheckerForvSphere.msi installing is done in a matter of seconds, using the all to familiar click Next to continue Windows installation routine. The tool is Windows only at this point.
The tool is Java based, so the client machine you run it on needs to have it installed locally before you can use it.
Running a Compliance Scan
Running a compliance scan is very easy. Start up VMware Compliance Checker for vSphere and point it towards either a ESX/ESXi host, or towards your vCenter installation.
The tool runs for a while, and in the end you’ll be presented with a nice HTML based report highlighting all your compliance shortcomings!
VMware Compliance Checker for vSphere looks like it can be a valuable tool to add to your vAdmin tool-belt. In it’s first version it does a good job of identifying potential issues with your environment. As far as I can see, William Lam’s Perl based vSphere Security Hardening Report Script does more extensive checks for now.
The vSphere Security Hardening Report Script also has a couple of other advantages, one being that it’s operating system agnostic (since it’s Perl based) another advantage is that since it’s written in a scripting language you can set up automated cron jobs that performs the scanning for you. As far as I can see the VMware tool is missing the ability to schedule scans, which is something I really hope VMware will add to it in the not to distant future.