A public draft of the vSphere Security Hardening Guide for vSphere 5.1 was released a few weeks back by my colleague Mike Foley. Since then I have been asked by several people if I had a chance to update my vSphere Security Hardening Report Script. The answer was unfortunately no due to other projects I had been working on and this script as well as others are maintained outside of my normal day job. I finally found some time this past weekend to go through the 5.1 revision of the hardening guide and make the necessary updates to my script which includes a few additional checks.
The script continues to provide backwards compatibility to previous releases of the vSphere Security Hardening Guide for vSphere 5.0, 4.1 and 4.0. Maintaining this compatibility is actually quite a challenge due to small minor changes in the hardening guide from previous versions, but I am please to say the latest 5.1 draft has now been implemented.
Disclaimer: This script is not officially supported by VMware, please test this in a development environment before using on production systems.
Here is a sample output for the Security Hardening Report for a subset of my vSphere 5.1 home lab environment using "profile1" check:
vmwarevSphereSecurityHardeningReport-SAMPLE.html
For more details about the security hardening script, please refer to the documentation here.
Michael says
Great work William!!
Please note folks, that this script is based on a pre-release version of the 5.1 hardening guide. The RC version is coming REAL SOON followed a few weeks later by the GA version. As William is want to do, I'm sure the script above will be updated very shortly after the GA of the 5.1 HG. 🙂
Anonymous says
What do you consider "a few weeks"? It has now been a month and I have seen NO new updates to the draft.
William Lam says
The vSphere 5.1 Security Hardening Guide official release was released on 4/15, here's the announcement https://blogs.vmware.com/security/2013/04/vsphere-5-1-hardening-guide-official-release.html
Andrea Mauro says
Really useful
marcel disuja says
What a wonderful post. I have learnt so much from this blog.I like your blog.Thanks for the post.
automotive locksmith services
James Deighan says
It's really appreciable message for everybody thanks for sharing this information.When looking for a locksmith in Atlanta, GA, you want to find somebody who is professional and affordable. Our Reliable Locksmith in Atlanta understands that we need to be mobile so that we will respond quickly to any situation. If you are looking for an Atlanta locksmith 24 hour, call us now at (404) 445-0200 and the closest technician we will dispatched to your locations immediately.
locksmith atlanta
locksmith in atlanta
atlanta locksmith
locksmith services in atlanta
car locksmith atlanta
Yan says
Hi William,
Is the script based on the public draft or the final release of the hardening guide?
Thanks
Yan
Amit Vyas says
Hi William,
Really nice work you have done
Just wanted to check is this script will work on 5.5 ?
I was able to run the script without any error but unfortunately HTML file didn't show the any content
Awaiting for your reply
Regards,
Amit Vyas
Rajesh Gala says
Nice work,But how to use this perl script.pre-requisite and what is required to execute it.
Thanks waiting for the earliest reply.