VMware Compliance Checkers

The VMware Compliance Checker for vSphere is a free, simple and straightforward tool meant to verify the security of a vSphere environment. It has been developed to compare the detected configuration with the guidelines provided in the VMware vSphere Hardening Guide, and will provide detailed reports representing actionable items and non compliance issues.

Each issue is clearly labeled and a direct reference is provided to fixing instructions and further details, an approach which has proven to be worth the additional work in similar products (the Best Practice Analyzers from Microsoft being a famous example).

The tool can run against multiple ESX and ESXi servers at a time, and is fit for large scale assessments: it can speed up the work of trained security experts or help security conscious system administrators.

As an additional tool for PCI certified organizations, VMware also released a freeware Compliance Checker for the PCI DSS v1.2 requirements. The tool is meant to analyze Microsoft Windows servers and desktops (starting from Windows 2000) for PCI non-compliances, producing a detailed summary of all issues complete with remediation suggestions. It can run on 5 machines a time, providing a small level of parallelism suited for small and medium environments.

While the tool is by no means a complete replacement for careful audits, it can help automate baseline security checks and is a welcome addition for any administrator working in a PCI certified environment.