Installation guide
Table Of Contents
- VMware vCenter Configuration ManagerAdministration Guide
- About This Book
- Getting Started with VCM
- Installing and Getting Started with VCM Tools
- Configuring VMware Cloud Infrastructure
- Virtual Environments Configuration
- Configure Virtual Environments Collections
- Configure Managing Agent Machines
- Obtain the SSL Certificate Thumbprint
- Configure vCenter Server Data Collections
- Configure vCenter Server Virtual Machine Collections
- Configure vCloud Director Collections
- Configure vCloud Director vApp Virtual Machines Collections
- Configure vShield Manager Collections
- Configure ESX Service Console OS Collections
- Configure the vSphere Client VCM Plug-In
- Running Compliance for the VMware Cloud Infrastructure
- Create and Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Rule Groups
- Create and Test Virtual Environment Compliance Rules
- Create and Test Virtual Environment Compliance Filters
- Preview Virtual Environment Compliance Rule Groups
- Create Virtual Environment Compliance Templates
- Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Exceptions
- Configuring vCenter Operations Manager Integration
- Auditing Security Changes in Your Environment
- Configuring Windows Machines
- Verify Available Domains
- Check the Network Authority
- Assign Network Authority Accounts
- Discover Windows Machines
- License Windows Machines
- Disable User Account Control for VCM Agent Installation
- Install the VCM Windows Agent on Your Windows Machines
- Enable UAC After VCM Agent Installation
- Collect Windows Data
- Windows Collection Results
- Getting Started with Windows Custom Information
- Prerequisites to Collect Windows Custom Information
- Using PowerShell Scripts for WCI Collections
- Windows Custom Information Change Management
- Collecting Windows Custom Information
- Create Your Own WCI PowerShell Collection Script
- Verify that Your Custom PowerShell Script is Valid
- Install PowerShell
- Collect Windows Custom Information Data
- Run the Script-Based Collection Filter
- View Windows Custom Information Job Status Details
- Windows Custom Information Collection Results
- Run Windows Custom Information Reports
- Troubleshooting Custom PowerShell Scripts
- Configuring Linux and UNIX Machines
- Configuring Mac OS X Machines
- Patching Managed Machines
- VCM Patching for Windows Machines
- VCM Patching for UNIX and Linux Machines
- UNIX and Linux Patch Assessment and Deployment
- Getting Started with VCM Patching
- Getting Started with VCM Patching for Windows Machines
- Check for Updates to Bulletins
- Collect Data from Windows Machines by Using the VCM Patching Filter Sets
- Assess Windows Machines
- Review VCM Patching Windows Assessment Results
- Prerequisites for Patch Deployment
- Default Location for UNIX/Linux Patches
- Location for UNIX/Linux Patches
- Default Location for UNIX/Linux Patches
- vCenter Software Content Repository Tool
- Deploy Patches to Windows Machines
- Getting Started with VCM Patching for UNIX and Linux Machines
- Check for Updates to Bulletins
- Collect Patch Assessment Data from UNIX and Linux Machines
- Explore Assessment Results and Acquire and Store the Patches
- Default Location for UNIX/Linux Patches
- Deploy Patches to UNIX/Linux Machines
- How the Deploy Action Works
- Running VCM Patching Reports
- Customize Your Environment for VCM Patching
- Running and Enforcing Compliance
- Provisioning Physical or Virtual Machine Operating Systems
- Provisioning Software on Managed Machines
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Configuring Active Directory Environments
- Configuring Remote Machines
- Tracking Unmanaged Hardware and Software Asset Data
- Managing Changes with Service Desk Integration
- Index
Running Compliance for the VMware
Cloud Infrastructure
4
Running Compliance for the VMware Cloud
Infrastructure
Compliance templates evaluate the virtual environment object data to determine if the objects meets the
criteria in the rules. If the property values on an object do not meet the criteria, and if there is no exception
defined, then the object is flagged as noncompliant. When an object is non compliant, the template results
provide the details of the settings or configurations that do not match the rules. You can use this
information to resolve the issue.
Compliance templates include the following components:
n
Rule Groups: The rule groups comprise rules and filters.
n
Rules: The rules define the optimal configuration standard.
n
Filters: The filters limit the objects on which the template runs to only the objects that meet the filter
criteria. If filters are not defined, the rules are run against all objects in the virtual objects group.
n
Exceptions: The exceptions are optional temporary or permanent exceptions to the template results.
The defined exception indicates that a specific result is compliant or noncompliant even though it does
not match the requirements of the rules.
Create and Run Virtual Environment Compliance Templates
Create compliance templates that evaluate your virtual environment object data to determine if the
objects meet the criteria in the rules that define objects as compliant or noncompliant.
The example used in this procedure is whether VMware Tools is running on guest virtual machines on all
vCenter Server instances, but excluding vCenter_Dev.
Prerequisites
Collect virtual environments data. See "Configure Virtual Environments Collections" on page 25.
Procedure
1. "Create Virtual Environment Compliance Rule Groups" on page 60
Create rule groups so that you can add rules and filters.
2. "Create and Test Virtual Environment Compliance Rules" on page 60
Create rules that define the ideal value that objects should have to be considered compliant.
3. "Create and Test Virtual Environment Compliance Filters" on page 61
Create filters that limit the objects on which the templates run to only the objects that meet the filter
criteria.
VMware, Inc.
59