Monday, June 16, 2008

VMware tools: ESX Config check: security best practices

This tool is a cool, FREE utility that can scan the security of VMware ESX 3.5 hypervisor configurations compared to the VMware Infrastructure 3 Security Hardening guidelines.

Tripwire ConfigCheck ensures ESX environments are properly configured, offering immediate insight into unintentional vulnerabilities in virtual environments and provides the necessary steps towards full remediation when they are not.

- Ensure recommended ESX configurations
- Discover possible vulnerabilities
- Deploy virtualization safely and securely
- Increase security posture of the entire enterprise
- Easily implement security and compliance best practices
- Reduce configuration drift

This handy freeware can be downloaded here.


Kim Blomgren said...

Today Tripwire has released ConfigCheck for ESX 3.0 to complement our coverage of ESX 3.5.One of the most frequent requests we had concerning Tripwire ConfigCheck was the ability to monitor 3.0. Wanting to make sure that ESX 3.0 admins had the same capabilities to ensure secure configuration of the Hypervisor against the VMware Hardening Guidelines, we added 3.0.x support. In addition, we updated the supporting remediation advice for 3.0 detailing all the steps, if different from ESX 3.5, to get the configurations up to a known and trusted state.

It is available now for download at:

digg1980 said...

I have read about Tripwire Config check for ESX on Virtualizaiton Team earlier I thought it was free just as stated on your blog, but then discovered only a limited version is what goes for free. Am I missing anything or did they change that?