As a virtual infrastructure administrator, you use vRealize Operations Manager to monitor the objects in your environment, including vCenter Server instances and ESXi hosts, on which run your virtual machines. You review the Compliance tab for your hosts and discover that one of your hosts is violating the VMware vSphere Hardening Guide standard. You must identify and fix the problems.

vRealize Operations Manager includes alert-based compliance from the VMware vSphere Hardening Guide.

In this scenario, you resolve a violated rule on your host, and another violated rule on one of your virtual machines. In your own scenario, you might repeat this procedure for any other violated rules.

vRealize Operations Manager assesses vSphere 6.0 objects against 6.0 rules, and vSphere 5.5 objects against 5.5 rules.

Prerequisites

  • Verify that you can open an XLSX file on the machine that you are using to access vRealize Operations Manager.

  • Enable the vSphere Hardening Guide alerts so that the alert-based compliance is active in your environment. See Configure Security Configuration Guide Compliance.

Procedure

  1. In the menu, click Environment.
  2. Browse to a host object.

    If you had created an object group to manage your hosts, you can select a host in the group.

  3. With the host as the focus, click the Compliance tab.

    The Compliance score displays a value other than 100.

  4. Click the violated rule named ESXi Host is violating vSphere Hardening Guide in the Active Compliance Alerts area.

    See the violated rules, including violations for vSphere 6.0 objects and 5.5 objects.

  5. In the Recommendations area, click the link to the vSphere Hardening Guides at: http://www.vmware.com/security/hardening-guides.html, and click the link to the version you need.

    The vSphere Hardening Guide downloads as an Excel spreadsheet to the machine you are using to access vRealize Operations Manager.

  6. You see that vRealize Operations Manager identified that one of the virtual machines is violating a DCUI rule, so you locate the compliance rule and the remediation method.
    • For vSphere 6.0 objects, in the 6.0 version of the vSphere Hardening Guide, locate the rule named Set DCUI.Access to allow trusted users to override lockdown mode.

    • For vSphere 5.5 objects, in the 5.5 version of the vSphere Hardening Guide, click the ESXi tab and locate the rule named Disable DCUI to prevent local administrative control.

  7. Review information about the rule in the vSphere Hardening Guide, and implement the remediation method.

Results

You identified and resolved violated compliance rules that triggered on your host and virtual machine. After you remediate the violated rules, as described in the vSphere Hardening Guide, wait for vRealize Operations Manager to run several collection cycles. After several collection cycles, the violated rules no longer appear in the list of violated standards.