Data center best practices, checklist and standards
How to build secured data centers? The question almost every admin had to face. Auditing data centers for security can be approached many ways, starting with 3rd party consultants coming to the IT floor ending by manual and complicated implementation of certification or best-practice audit checklists. VMware vSphere is often implemented with default configurations. And, once deployed, many vSphere data center implementations are not regularly evaluated to determine potential improvements in terms of performance or security.
Data Center security audit
VMware Security Hardening Guides were created by VMware experts and provide prescriptive guidance for customers on how to deploy and operate VMware products in a secure manner. As such it creates an ideal checklist for security audit in virtualized data center.
Guides for vSphere are normally provided in spreadsheet format, with rich metadata to allow for guideline classification and risk assessment. They also include script examples for enabling security automation. Implementing VMware security best practices is very time consuming and requires continuous validation of the implementation as the environment configuration changes. Thankfully, there is a tool which can script and automate data center security audits.
Data center security best practice automation
One of the Runecast Analyzer feature is security profile auditing. The Analyzer scans vSphere datacenter with all the ESXi hosts, vCenter servers and virtual machines. It uses extensive database of VMware Security Hardening checks and best practices and it audits thousands of combinations on data center environment. The result is the list VMware security and best practice rules which needs to be implemented and also those which are already successfully applied. The entire scan doesn’t take more than a minute or two and can be scheduled periodically to report on best practice and security data center audit.
See how many KBs are applicable in your environment