Tripwire has a free, Windows based security assessment tool called ConfigCheck for VMware ESX hosts. It rapidly assesses the security of VMware ESX hypervisor configurations compared to the VMware Infrastructure 3 Security Hardening guidelines. According to the VMware website:
Tripwire ConfigCheckTMis a free utility you can use to rapidly assess the security of your VMware ESX host configurations, according to the VMware security hardening guidelines. Co-developed by VMware and Tripwire, ConfigCheck provides an immediate assessment of the server configuration to ensure VMware Infrastructure environments are properly configured.
Tripwire ConfigCheck is simple & easy to use. To properly install & start-up the utility, follow these steps or read the blog posting:
To install and run ConfigCheck:
- Download the file configcheck.zip to a Windows machine that has Java Runtime Environment (JRE) version 1.5, or higher.
- Unzip the configcheck.zip file
- Double click on the file configcheck.cmd
- Accept the license agreement
- Enter the ESX host and user credentials
- Click the “Check Configuration” button
Once the check is complete you can click the test results to view remediation steps and view the Tripwire ConfigCheck Remediation Guide. You can also listen to the Tripwire Podcast Operationalizing VMware ESX Best Practices – Introducing Tripwire ConfigCheck.