One of the best things you can do for any environment, including VMware vSphere environments is proactive monitoring as well as implementing best practice recommendations across the board. However as administrators, implementing best practices across the board can be tedious and down right impossible to do on a continual basis. Greenfield installations may be the closest you come to having the opportunity to implement best practices. However, Runecast has been changing this in VMware vSphere environments by their killer product, Runecast Analyzer. Runecast Analyzer automates the process of aligning your VMware vsphere environment with best practices, no just once, but with every scan interval! Instead of you as the administrator having to spend hours searching to find the latest recommendations, Runecast does all of this heavy lifting for you. Just a couple of days ago Runecast has released a new version of Runecast Analyzer, version 2.7.3, that has added a really great feature. Let’s take a look at Runecast Analyzer 2.7.3 released with editable PCI-DSS to see this new functionality that is now included.
Recent Issues Demonstrating Runecast Analyzer Power
In the past year alone, Runecast Analyzer has been a tremendous help to VMware vSphere administrators everywhere. They have added really great features and functionality to the product enabling really great automated solutions for administrators keeping up with discovered issues and recommended best practices.
When you look at where 2018 started with Spectre and Meltdown, Runecast was quickly able to release Spectre and Meltdown checks and remediation recommendations. This included which hosts had the vulnerability and needed patching as well as other recommended patches at that particular time.
Fast forward to the Microarchitectural Data Sampling (MDS) vulnerabilities discovered. Runecast covered this as well with scanning and discovery of the issue across vSphere environments.
PCI-DSS checks were added as well taking a huge amount of work off administrators to be able to scan their environments in a way to discover PCI-DSS compliance issues across their VMware vSphere environments.
In addition, Runecast Analyzer also provides you with automated hardware compatibility checks against the VMware HCL – which can be a tedious process to keep up with by hand.
These are simply a few of the major features and capabilities that have been added for Runecast Analyzer.
Just this month, Runecast has helped to identity VMware vSphere ESXi hosts that are vulnerable to a newly discovered issue that affects hosts running vSphere 6.5 or vSphere 6.7. As documented in this VMware KB article, if multiple attemts to log in to an ESXi host with incorrect credentials are tried against an ESXi host affected by this issue, the hostd service might stop responding (CVE-2019-5528). This includes even vulnerability scanners that scan a vulnerable host. Runecast has been correctly identifying this issue since Runecast Analyzer v2.7.2.
Runecast Analyzer 2.7.3 released with editable PCI-DSS
Runecast Analyzer already has powerful PCI-DSS compliance solutions that include many checks and scans to help those who fall under PCI-DSS compliance regulations to be able to easily check compliance.
With massive VMware environments, identifying non-compliances and vulnerabilities that may affect prottecting PCI cardholder data can be extremely difficult. What are the highlights of the PCI-DSS functionality contained in Runecast?
- Checks some 226 corss-referenced checks to verify whether cardholder data is out of compliance.
- Covers some 50 controls which is 23 highly important controls more than the PCI DSS profile covers in general (27 controls)
- Runecast checks for compliance with the very latest and greatest PCI-DSS standards, version v3.2.1. This was released in May 2018.
- This information is readily available in the Runecast GUI.
- Runecast effectivley prioritizes the PCI-DSS findings from the Runecast scan so that issues can be ordered by the numbered PCI security milestones to protect against the highest risk factors.
- It provides an audit trail showing how the automatic check relates to the PCI requirement and control.
- Full technical details from industry knowledge resources are defined.
- Runecst provides the full technical detail from industry knowledge provided so as to understand and resolve the PCI compliance issues.
With the new release of Runecast Analyzer, you can now even further configure and test for PCI-DSS compliance regulations specific to your environment. With Runecast v2.7.3, you can edit your PCI-DSS security checks. This is extremely helpful to enterprises under strict security regulations whcih require custom criteria. This may include password requirements, timeout or NTP server.
Runecast is just one of those products that once you see it, you have to have it for your VMware vSphere environment. You then ask yourself, why have I not been running this all along? It is a brilliant idea in operation that allows VMware vSphere administrators to have powerful automation where they often need it most in the operational side of things – security, compliance, hardware compatibility, best practices, and late breaking VMware KB and VMSA advisories. This allows you to have visibility to potentially dangerous environmental conditions before it bites you!
Check out the below posts covering Runecast Analyzer:
- Runecast 2.6 Beta Introduces Automated Hardware Compatibility Checks
- Scan VMware Horizon for Issues or Errors using Runecast Analyzer Beta
- Runecast Analyzer 2.1 Released with HIPAA Scan and Management Report
- Runecast Analyzer 2.0 Released with History and VMware PCI-DSS Scanning Features
- VMware NSX Best Practices with Runecast Analyzer v1.8
Also, download a free trial version of Runecast Analyzer v2.7.3 to try out the new advanced editable PCI-DSS scans.