VMware security audit checklist and tools
How to audit vSphere security is a question every IT admin has to answer sooner or later. Auditing a data center for security can be approached in many ways, from third-party consultants squatting in the server room to a manual and complicated implementation of a certification or best-practice auditing checklist. VMware vSphere, with its vCenter and ESXi products, is often implemented with default configurations. Once deployed, many vSphere data center implementations are not regularly evaluated for security weaknesses.
VMware vSphere, vCenter and ESXi security auditing
VMware Security Hardening Guides were created by VMware experts and provide prescriptive guidance for customers on how to deploy and operate VMware products in a secure manner. As such, they make an ideal checklist for a security audit in a virtualized data center.
Guides for vSphere are normally provided in spreadsheet format, with rich metadata to allow for guideline classification and risk assessment. They also include script examples for enabling security automation. Implementing VMware security best practices is very time-consuming and requires continuous validation of the implementation as the environment configuration changes. The same applies to other security guides such as GDPR or DISA-STIG. Thankfully, there is a tool which can automate data center security audits and tell admins what to do to improve their security standards.
VMware security auditing tool
One of the Runecast Analyzer features is scanning for security issues and recommendations according to several security profiles. The Analyzer scans VMware vSphere instances, including all the ESXi hosts, vCenter servers and virtual machines. It uses an extensive database of VMware Security Hardening checks, DISA-STIG and best practices, which helps to implement GDPR. It audits thousands of combinations in the data center environment. The result is a list of the issues which still need to be implemented and also those which are already successfully applied. The entire scan doesn’t take more than a minute or two and can be scheduled periodically to report on best-practice and security audits of the data center, which helps to catch any misconfigurations.