VMware Aria Operations continuously monitors your infrastructure to ensure that it remains in compliance. Compliance is an ongoing process. VMware Aria Operations evaluates the collected data against the defined policies. It assigns a compliance score to each object or group based on how well they adhere to the policies. The compliance score is typically represented as a percentage.
How Compliance Benchmarks Work
Compliance is used to monitor the vCenter Server instances, hosts, virtual machines, distributed port groups, and distributed switches in your environment to ensure that the settings on your objects meet the defined standards. Compliance benchmarks display score cards that help you proactively detect compliance problems in VMware Aria Operations. The compliance benchmarks are measured against a set of standard rules, regulatory best practices, or custom alert definitions.
All the compliance standards in VMware Aria Operations, including any standards that you define, are based on alert definitions. Only alert definitions of the Compliance subtype are counted. Custom score cards can monitor user-defined alerts. The alerts and symptom definitions are based on the properties and metrics of the underlying object.
When VMware Aria Operations detects non-compliance with a policy, it can generate alerts or notifications. Depending on the severity of the non-compliance, you can configure automated remediation actions to bring the object back into compliance.
You can manage all compliance-related tasks from the page. The data sources are displayed in a carousel on the top of the page. To see a compliance score card, you must first configure the data source that VMware Aria Operations can monitor, and then activate the benchmarks for those types of data sources. When you activate a benchmark for a data source, you select an applicable policy. VMware Aria Operations then activates the appropriate alert definitions in the policy to measure compliance.
Data Sources for Calculating Compliance
- VMware Self-Managed Cloud (SDDC) environment, including DC and Edge environments
- VMware Managed Cloud (VMC SDDC) environment
- VMware Cloud Foundation Domains
- VMware Cloud on Dell EMC SDDC
- Oracle Cloud VMware Solution SDDC
- Azure VMware Solution
- Google Cloud VMware Engine
- Private Cloud
Compliance benchmarks on VMware Cloud on AWS, VMware Cloud Foundation, VMware Cloud on Dell EMC, Oracle Cloud VMware Solution, Azure VMware Solution, and Google Cloud VMware Engine are applicable only on customer VMs that you have deployed in the respective data centers.
You can automate the remediation of some of the alerts by installing the Management Pack for VMware Aria Automation Orchestrator. See the management pack documentation in the VMware Aria Operations for Integrations Product Documentation for more details.
Compliance Benchmarks
- VMware SDDC and Benchmarks
  Displays score cards based on alerts which are measured against the latest hardening guides:
  - vSphere Security Configuration Guide
  - vSAN Security Configuration Guide
  - NSX Security Configuration Guide
  For more details, see VMware SDDC Benchmark Details.
- VMware Cloud Foundation Benchmarks
  Displays score cards based on alerts which are measured in VMware Cloud Foundation domains based on the following audit guides:
  - VCF 4.2 Audit Guide
  - VCF 4.3 Audit Guide
  - VCF 4.4 Audit Guide
- Custom Benchmarks
  Displays benchmarks that you define. Use compliance alerts from vSphere and regulatory management packs, or define your own alerts to monitor. You can define up to five custom score cards. You can import custom benchmarks from other instances of VMware Aria Operations.
- Regulatory Benchmarks
  Displays benchmarks for industry standard regulatory compliance requirements. You can install compliance packs for the following regulatory standards:
  - Health Insurance Portability and Accountability Act (HIPAA)
  - Payment Card Industry Data Security Standard (PCI DSS) Compliance Standards
  - CIS Security Standards
  - Defense Information Systems Agency (DISA) Security Standards
  - The Federal Information Security Management Act (FISMA) Security Standards
  - International Organization for Standardization (ISO) Security Standards
  For more details, see Regulatory Benchmark Details.