Using VMware Compliance Checker

VMware Compliance Checker is a new utility from VMware that checks the security compliance of your hosts against the vSphere Hardening Guidelines. You can check up to 5 ESXi or ESX hosts concurrently to produce a report about the compliance of the hosts and their hosted guests. VMware Compliance Checker (CC) can be installed on Windows XP, Vista, 7, 2003 and 2008 (both x86 and x64 are supported).

You can download CC from this link. This is a free download, but you have to signup to create an account or login with your existing VMware account. Once you reach the download page you’ll find 3 separate downloads, but you only have to download the 11 MB binary download.

The installation of CC is fairly straight forward, but note that it does require Java to be installed and the installer prompts for the location of the Java installation. The installer does not install Java for you, but should properly detect the installation location. You can optionally create a desktop shortcut to launch CC.

Note: you do not require a vSphere client installation to run CC.

You can start CC from the Start menu or desktop shortcut. Enter the host information for your vCenter Server host, your login credentials and click the Assess Compliance link to start the security check. You can also run the check directly against an ESXi or ESX host. The results are stored in an HTML file and the document path will be similar to the following: C:\Users\dave.mishchenko\AppData\Local\VMware Compliance Checker for vSphere\results\ReportTemplate.html.

When the check has been completed, your web browser (IE8+ or Firefox 3.6+ are supported) will display the results as shown in the following example. You can click the drop down arrow to display additional information about a specific security check. The results of the CC tool are always written to the same set of files, so if you need to archive security checks, make sure to make a copy of the files in the ..\VMware Compliance Checker for vSphere\results\ folder. If you click the View Most Recent Results the current copy of ReportTemplate.html file is opened.

VMware CC is a great tool to quickly access the security compliance of your vSphere environment. If you need something a bit more feature-rich then you can look at VMware vCenter Configuration Manager.

Leave a Comment

Your email address will not be published. Required fields are marked *