The Compliance tab provides analysis based on the vRealize Operations Manager vSphere, HIPAA and PCI standards alerts that are configured with the alert subtype of Compliance. You use the compliance value as an investigative tool when you evaluate the state of objects in your environment, or when you research the root cause of a problem.

You can use the alert-based compliance that vRealize Operations Manager provides to ensure compliance of your vCenter Server instances, hosts, virtual machines, distributed port groups, and distributed switches. If you also use vRealize Configuration Manager in your environment, you can add the vRealize Configuration Manager adapter to vRealize Operations Manager. The vRealize Configuration Manager adapter provides vRealize Configuration Manager compliance information in place of the alert-based compliance.

The compliance alerts, which have the subtype named Compliance, include one or more symptoms that represent the compliance rules. Compliance alerts that trigger appear on the Compliance tab as a violations to the standard, and the triggered symptoms appear as violated rules. The rules are the alert symptoms, and the symptom configuration identifies the incorrect value or configuration. If a rule symptom triggers for any of the alerts in the standard, the triggered rule violates the standard and affects the score that appears on the Compliance tab.

The Compliance Score Card

The compliance score card of a resource is counted as smallest rounded off integer (100*(total number of symptoms enabled on objects/all the triggered symptoms on objects)).

To enable alert-based compliance, you must customize a policy. If the compliance alerts are not enabled, the score card value is 100 and is green, and no violations exist in the list of violated standards. For example, the VMware vSphere solutions provide the alerts for the ESXi host and virtual machine sections of the vSphere Hardening Guide.

Where You Find Compliance Summary Based on vRealize Operations Manager Alerts

  • In the menu, click Environment, then select a group, custom data center, application or inventory object. Click the Compliance tab.

  • Alternatively, click Environment, then use the hierarchies in the left pane to quickly drill down to the object you want.

  • Go the Quick Start page and open the vSphere Compliance page. Click View Alerts to view the active compliance alerts.

Table 1. Compliance Based on vRealize Operations Manager Alerts Options

Item

Description

Score card for the configured hardening guides

Displays the score card value, total number of rules, and number of non-compliance rules for the vSphere Security Configuration Guide, HIPAA Compliance and PCI Security Standards depending on which of compliance standards you have configured.

Active Compliance Alerts

Violated rules are based on the symptoms defined in the compliance alert.

If you click the standard, the rules for the standard appear. If a symptom triggered, the rule is considered to be violated. View the list of rules in the following tabs:

  • Violated Rules. Displays only the triggered symptoms. Click a symptom to view more information.

  • All Rules. Displays triggered and untriggered symptoms.