Runecast Introduces Overrides to VMware HCL & NIST for AWS

The latest additions in Runecast Analyzer 4.4 bring enhancements to VMware HCL checks & security standards

Automated VMware HCL was initially introduced in April last year in Runecast Analyzer 2.6. 

The Automated VMware Hardware Compatibility List (HCL) checks in Runecast Analyzer replace a significant amount of skilled work previously required to extract the necessary data when matching servers, their devices, and all relevant versions from your environment against the HCL matrices. Compliance with the HCL prevents service outages, unpredictable system behaviors, and performance degradation. Runecast Analyzer shows you if, where, and why your vSphere environment is at serious risk because of Hardware Compatibility issues. Furthermore, you are given the technical information to proactively ensure compatibility and support for your data center.

When speaking with our Runecast customers, one bit of essential feedback that we’ve received regarding the value of HCL checks is that businesses are often needing to ‘sweat the assets’ longer, and so when servers have served their time in the production environment they often move on to be used for either test/dev or disaster recovery. 

In this case, you might be happy to accept the risk of not being HCL compliant with newer releases. Alternatively, you might not be using that embedded host bus adapter (HBA) that’s a part of your system board, and there’s a good chance that is the part that fails the HCL check as you upgrade to vSphere 7. If you were using this, you’d need to replace it with another HBA, but if it’s not used you might just want to ignore that specific component when running checks.

With Runecast Analyzer’s new override functionality that particular hardware can be marked manually as compatible, and the information will be applicable in all areas of Runecast Analyzer. Together with that, you can make a note specifying the reason – for your team collaboration, your future self, or new hires. For every customization there is a special icon which indicates that this setup was detected and correct manually.

In a nutshell, when server vendors have recommended to IT Admins certain hardware configurations for VMware, the VMware Hardware Compatibility List does not always contain these configurations, which results in Runecast Analyzer correctly flagging these configurations as possibly incompatible. 

Solution: With Runecast Analyzer’s new override functionality, the customer regains full control over hardware compatibility monitoring and can choose to acknowledge flagged configurations with an override (and a note as to why), after which they will not be reported as incompatible any longer. 

Here’s how it looks in production: 

You don’t have to be Apple to know that design is everything 

Additionally, with the redesign of the Hardware Compatibility feature, we set a few clear UX design goals to achieve: Increase usability, readability, and accessibility.

All designs reach a high contrast ratio, which meets requirements of Web Content Accessibility Guidelines (WCAG) 2.1 and were tested for different kinds of sight impairments (e.g. color-blindness). Other accessibility rules were also applied for a better user experience. 

Firstly, we wanted to deliver better readability of HCL results in the Details Pane, so that Runecast customers can quickly understand what needs their attention and the sequence of the HCL check. For each I/O and vSAN device, we designed card view for easy recognition of separate items to increase the speed of navigation and be more pleasing on the eyes (:slightly_smiling:). 

For the power users, we introduced the option to quickly collapse the pane with the keyboard shortcut ‘S’, so the switch between the table and details of the host is swift. This is useful especially on smaller screens, where screen real estate is highly valued. 

The overview tab now contains a progress bar indicating the number of incompatible devices out of total count.

Additionally, we introduced a sorting for the table. This might be handy when the user's focus is for example on incompatible I/O or vSAN devices, CPU and so on. 

With the overall redesign process of new Hardware Compatibility, we kept in mind the most common scenarios, feedback from our customers, and technical requirements.

We hope you like it!

Hardware Compatibility – before

Hardware Compatibility – after

New Cloud security standard for AWS: NIST

Runecast Analyzer removes the pain points in running the National Institute of Standards and Technology (NIST) Special Publication 800-53 compliance checks for AWS by automatically detecting all potential misconfigurations and best practices violations.

Runecast incorporates the five core functions of the NIST cybersecurity framework – Identify, Protect, Detect, Respond, and Recover – to enable IT teams and organizations to automate and improve their cybersecurity posture.

The addition of NIST compliance checks for AWS complements the previous inclusion of AWS compliance checks for Payment Card Industry Data Security Standard (PCI DSS) and Center for Internet Security (CIS) Amazon Web Services Foundations Benchmark checks into Runecast Analyzer’s capabilities for automated AWS insights.

NIST compliance checks for AWS extend Runecast Analyzer’s support of AWS to: AWS Health, CloudWatch, Redshift, RDS, CloudTrail, CloudFront, AWS Config, EC2, IAM, S3, VPC.

With automated checks against NIST compliance for AWS, your team – and company – can get and stay ‘audit-ready’ for complex security compliance standards that are regularly updated.

‍

As always, if you’re a customer wanting to provide feedback or ideas… or someone who is just interested in what Runecast Analyzer can do for you and want to ask us questions about your specific environment, reach out to us any time - Get in touch.