As a virtual infrastructure administrator, you use vRealize Operations Manager to monitor the objects in your environment, including vCenter Server instances and ESXi hosts, on which run your virtual machines. You review the Compliance tab for your hosts and discover that one of your hosts is violating the VMware vSphere Hardening Guide standard. You must identify and fix the problems.
vRealize Operations Manager includes alert-based compliance from the VMware vSphere Hardening Guide.
In this scenario, you resolve a violated rule on your host, and another violated rule on one of your virtual machines. In your own scenario, you would repeat this procedure for any other violated rules.
vRealize Operations Manager assesses vSphere 6.0 objects against 6.0 rules, and vSphere 5.5 objects against 5.5 rules.
Verify that you can open an XLSX file on the machine that you are using to access vRealize Operations Manager.
Enable the vSphere Hardening Guide alerts so that the alert-based compliance is active in your environment. See Define Monitoring Goals for vRealize Operations Manager Solutions.
- In the menu, click Environment.
- Browse to a host object.
If you had created an object group to manage your hosts, you would select a host in the group.
- With the host as the focus, click the Analysis tab and click the Compliance tab.
The Compliance badge displays a value other than 100 or green.
- Click the violated standard named ESXi Host is violating vSphere Hardening Guide.
The Compliance Breakdown area expands to display all the violated rules, including violations for vSphere 6.0 objects and 5.5 objects.
- Review the page to determine the criticality and pervasiveness of the noncompliant standards for this host and your environment.
What is the number and criticality of the violated rules for the host? How many of the violated rules are critical and must be addressed?
Compliance in Related Objects
Are other hosts in a similar compliance state? Are any child objects out of compliance?
Host System Resources
Is the host configured as you expect?
The page indicates that you must resolve the violated rule named ESXi Host is violating vSphere Hardening Guide.
- Click the Alerts tab.
The compliance standards are based on alerts, which can include recommendations. For example, the alert named ESXi Host is violating vSphere Hardening Guide includes a recommendation that links to the VMware vSphere Hardening Guide.
- On the Alerts tab, click the alert named ESXi Host is violating vSphere Hardening Guide.
The Alert Details Summary tab displays the violated rules as symptoms, and includes the recommendations to resolve the alert.
- In the Recommendations area, click the link to the vSphere Hardening Guides at: http://www.vmware.com/security/hardening-guides.html, and click the link to the version you need.
The vSphere Hardening Guide downloads as an Excel spreadsheet to the machine you are using to access vRealize Operations Manager.
- You see that vRealize Operations Manager identified that one of the virtual machines is violating a DCUI rule, so you locate the compliance rule and the remediation method.
For vSphere 6.0 objects, in the 6.0 version of the vSphere Hardening Guide, locate the rule named Set DCUI.Access to allow trusted users to override lockdown mode.
For vSphere 5.5 objects, in the 5.5 version of the vSphere Hardening Guide, click the ESXi tab and locate the rule named Disable DCUI to prevent local administrative control.
- Review information about the rule in the vSphere Hardening Guide, and implement the remediation method.
You identified and resolved violated compliance rules that triggered on your host and virtual machine. After you remediate the violated rules, as described in the vSphere Hardening Guide, wait for vRealize Operations Manager to run several collection cycles. After several collection cycles, the violated rules no longer appear in the list of violated standards.