I'm pleasure to announce that we have released new version of vGate Compliance Checker (update June 25 2015: now we have Russian version only).
Compliance checker is a free reporting tool that allows you to verify whether your virtual environment complies with industry standards for information security: PCI DSS 2.0, CIS VMware ESX Server Benchmark, VMware Security Hardening Best Practices.
It is distributed as a single executable – no installation or registration is required.
Supported VMware product versions:
VMware vSphere 4 (Update 2)
VMware vSphere 4.1 (ESX & ESXi)
VMware vSphere 5.0
Enjoy :)
Hi MaxBread:
ReplyDeleteI'm interested in understanding the implementation details of the compliance tool you have built. Like did you use the power cli or any api? Could you please help me?
Hi Parash, tool uses vix api to deploy small agent to the server that you want to check. This agent reads configiration files and runs cmdline tools to check server and virtual machines properties. After checking completion agent is removed from the server.
ReplyDeleteHey MaxBread:
ReplyDeleteThanks for the reply. VIX supports C, Perl and COM, which language have you chosen and why? For each VM and ESX which you want to check, this agent has to be pushed?
Did you also explore other APIs and tools and found no better than VIX?
Tools is written in C++. Agent is installed on the each ESX. VM settings are checked without agent deploy. We didn't explore other API. But we tried other VMware compliance tools, for instance this one http://maxshulga.blogspot.ru/2011/12/run-vsphere-security-hardening-report.html
ReplyDelete