Tip

Using VMware security compliance testing tools

Setting up a vSphere infrastructure to host cloud environments is not just as simple as making sure the right hosts are running the right virtual machines. You’ll probably also want to conduct compliance testing to make sure that your environment is compliant with current security regulations that apply to your organization. In this article, you’ll read how VMware can help.

VMware offers free compliance testing tools that focus on two areas. There is a

    Requires Free Membership to View

VMware PCI Compliance Guidelines Checker for Windows and one for Linux. This tool scans up to five Windows Servers or five Red Hat Linux Servers against the PCI DSS v2.0 requirements. Next, there are the VMware Compliance Checker for vSphere. There are separate tools for vSphere 4.0, 4.1 and 5.0. Each tool runs assessments on ESX and ESXi hosts that are managed by a vCenter Server to check if a predefined subset of the vSphere Hardening Guide rules are correctly applied. The tool can do this for the first five ESX/ESXi hosts it finds on the target vCenter Server.

Using the tools is easy, just download and install them on a Windows workstation. Next, enter up to five machine names or IP addresses you want to check and then click Assess Compliance. The checker will then perform compliance testing and show which rules have matched and which have not.

The PCI DSS 2.0 standard gives an overview of security recommendations for the platform you’re using. Some tools and services on specific platforms are known to be unsafe and these are all listed in the PCI DSS 2.0 standard. Examples include the rsh and finger services on the Linux platform, which can allow outside parties to more easily access your system and request sensitive data. You can get a complete list of the items that these tools check for from the help section in the Compliance Checker application. Once completed, the compliance checker gives an overview of all potential security problems, which allows the administrator to easily identify and fix issues.

The VMware Compliance Checker tools provide an easy accessible interface to check servers against current security policies.

The list of items the compliance testing checks is a result of the research conducted by the VMware Compliance Center . This center gives an overview of the research that VMware is performing to make sure that its products can maintain security in a virtual environment. In your search to optimize security and compliance, it is a good idea to look at the white papers listed on the Resources tab in the Compliance Center.

VMware believes that implementing regulatory compliance should be easier in a virtualized environment, and you can see this in some of its products. VCenter Configuration Manager makes it easier to implement the same policies on all virtual machines, which often is much harder to do on separate physical servers.

However, maintaining regulatory compliance requires diligence beyond what automated tools can do for you. It is also important to use good administrative policies and lay out protocols to describe how certain tasks need to be approached in a virtualized environment. In the VMware Compliance Center you can find all current information sources that help you in asking the right questions.

This was first published in June 2012

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Expert Discussion

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.