We want you to make the most out of every day you use Runecast Analyzer. To help with that, we’ve prepared this evaluation tutorial that covers how to best use Analyzer to protect your VMware environment against issues and security threats.
Here is what you will need to evaluate Runeacast Analyzer:
You may have one of the common questions:
Q: What products does Runecast Analyzer cover?
A: Analyzer works on VMware, vSphere, and vSAN.
Q: What user credential privileges do I need in order to connect vCenters?
A: Read-only vCenter credentials are the minimum, you may use the Admin credentials to let Runecast configure your syslogs remotely.
Q: Is any vSphere, vCenter, ESXi host or VM configuration data from my environment sent out over the internet?
A: Never — all configuration data remains on your server
Now that you have Runecast Analyzer installed (if you don’t yet, click here), let’s look at using it to scan your VMware vCenter.
To enable (sys)log analysis, go to "Settings" -> "Log Analysis" and select vCenter from where you want to inspect log files. In the case you have Admin credentials, you may try to "tick" selected ESXi host or its virtual machine and Runecast Analyzer will try to do it on your own. If you use read-only credentials, or the vCenter's ESXi host has disabled remote CLI access, you need to do it manually:
Syslog.global.logHost=udp://10.1.2.101:514in host's advanced configuration settings and enable syslog in the host's firewall
Note: Runecast Analyzer can also generate PowerCli script to enable Syslogs, this option is available in the context menu in the Log Analysis settings tab for each vCenter.
We know that not every default setting in VMware’s Knowledge Base, Best Practices and Security Hardening guides are relevant to your processes. That’s why Runecast Analyzer contains a feature called "Filters" which help you to exclude specific test environments or hide issues that are not relevant to you.
Go to "Settings" -> "Filters" and try to exclude detected problems for one of your ESXi hosts or specific VM. Once you activate the filter, the Analyzer will exclude the information from the rest of results anywhere on UI or reports.
Runecast will continuously monitor your vSphere environment and detects any violation of VMware security hardening rules or US FED DISA-STIG 6 security profile. First off go to "Settings" -> "Security Compliance" and select security profiles you are interested in. Scan connected vCenters and see the compliance report and what to configure to increase your security level.
A best practice is often not what everyone else is doing, but implementing them brings a lot of long-term benefits, mainly a better protection against issues.
The most typical reason why you have not implement VMware best practices is time.
Scan your vCenters and go to "Best Practices" tab to see the result of passed and failed best practice "rules".
In order to be continuously protected and ensure the vSphere configuration persistency, go to "Settings" -> "Automatic Scheduler" and select daily scans.
Together with daily scan configure SNMP server in "Settings" -> "Alerting" tab. This will trigger an email with the report to be sent to the specific email address(es) after each automated or manual scans.
This Evaluation Guide covers the very fundamental functionality of Runecast Analyzer. The complete documentation is available in User Guide.