Dear Readers, Its been long since I have written a blog. But as promised, we will collaborate here and continue to work towards making the scripts more stable and incorporate more features into it. Towards that goal I am writing this blog. When run, the script will automatically check whether security best practices are implemented in a vSphere environment or not.
The best practices are checked as per the security hardening guide given in vSphere_6_0_Hardening_Guide_GA_15_Jun_2015.xls document released by VMware. You can get more details about the guide in https://blogs.vmware.com/vsphere/2015/06/vsphere-6-hardening-guide-ga-now-available.html.There are two parts in the script. The first part Get-Security.ps1 is the one which invokes the other functions. The second part and the most important one is SecurityFunctions.ps1. This is the main script with all the required functions which does the actual job. The functions in SecurityFunctions.ps1 file can be divided into three main categories.
A portion of the sample report is provided below:
vSphere Security Check - Sample 1
This is version 1 of the script. I plan to incorporate the following improvements/enhancements in the scripts.
I expect inputs from you so that we can work together to make it better. The script and sample can be availed from https://github.com/sajaldebnath/vsphere-security-hardening .