We are announcing a new Notes feature as part of Runecast Analyzer v126.96.36.199 released last week. Now admins can easily annotate any KB issue, Best Practice and Security Hardening. This brings a new way to customize your Runecast Analyzer and enrich the analysis results. Until now, you could add notes only to the Filters you create, when you disable issues reported on the whole environment or just subset of the inventory. But what if you need to mark an issue without filtering it out completely?
Here is a typical use case:
The VMware team is provided a security checklist by the Security team that has to be followed for the entire vSphere infrastructure. The VMware team use Runecast Analyzer for continuous security scans that show any deviations from the security policy. The VMware team used the Filters feature to disable all security checks that are not part of the company security policy. Although they mitigated most deviations, some of the remaining checks remain incompliant:
- "MAC address changes must be set to Reject"
- "Forged transmits must be set to Reject"
Both of these settings are set to Accept on a port group used by VMs with modified MAC addresses, due to legacy applications with license bound to a former physical MAC address. These settings must remain as they are, otherwise these VMs will lose network connectivity.
The Security team demands a regular security healthcheck report from the VMware team and any exceptions from the security policy must be justified.
The VMware team would now use the Notes section to add justification next to both security checks. The Notes would also appear in the PDF/CSV report provided to the Security team.
To Edit a Note, expand an issue (KB, Best Practice or Security Hardening), click on the Note tab and click Edit. The annotated issue appears with an orange triangle in the top right corner of its description and can be viewed by hovering over with the mouse.
This feature was requested just 3 weeks prior to its release! Do you have an idea what to add to Runecast Analyzer? Drop us a note at email@example.com