June 5, 2008 - Matthijs Haverink
Tripwire & VMWare release ConfigCheck for VMware ESX Hosts
Together with VMWare Tripwire has developed this tool which helps to rapidly assess the security of your VMWare ESX 3.5 servers. Among other things the joint effort consists of VMWare delivering the VMWare Infrastructure 3 Security Hardening guidelines. This tool also provides the necessary steps that are needed for full remediation.
A couple of configuration parameters that are being checked are:
– Virtual network labeling
– Port Group settings
– Network isolation for VMotion and iSCSI
– NIC Mode settings / Layer 2 Security settings
– VMWare ESX Service Console security settings
– SAN resource masking and zoning
The website states that the system requirements are Windows Server 2003 + JRE 1.5 so that’s the official supported platform by TripWire. But as you can see in Gavin’s post below: Windows XP, Linux and even OS-X should work without a problem. Great work Gavin!
You can download the tool here.
Edit [10-6-2008 Matthijs] : Gavin Millard from TripWire yesterday published a “How To” concerning ConfigCheck : http://www.tripwire.org/blog/?p=38 . Kind-a-handy since there’s no official manual :).