vmware hardening script

Has anyone ever run this script:

https://communities.vmware.com/docs/DOC-11901 

And if so, is it run once (i.e. perhaps from a vcenter), or if you have 30 esxi hosts, do you have to run it 30 times, once per host?
LVL 4
pma111Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

If you run this against vCenter will give you the report of all stuff inside of the vCenter(hosts, Networks, VMs, etc.)

Jail
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Sometimes we run it, but we prefer to check items manually.
0
pma111Author Commented:
When you run it hanccocka, is it one scan per host (i.e. 20 hosts = 20 scans), or one scan per vcenter (1 vcenter = 1 scan)?
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

pma111Author Commented:
BestWay - did it flag up any useful findings? What kind of issues is it scanning for in vcenter?
0
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Like I said, run against vCenter(login with vCenter IP and credentials) and then will check everything.

But you can also run per host.

off topic: Long time no "see" hanccocka.

Jail
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
The issues it finds, are displayed in the documents, it depends on how in-secure you vCenter Server is!

@jail hello!
0
pma111Author Commented:
did it flag up any useful findings? What kind of issues is it scanning for in vcenter?
0
pma111Author Commented:
I was just after a flavour of the tests.
0
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi,

I think you need to try and check the information that will provide you and if it fits on your needs. That I think is the best option.

Like I said, can you give you information about vCenter and all objects(hosts, Network, etc) or just run per host that give you information regarding host.

But like hanccocka, I am not a big fun of these type of reports. Even I can run it time to time, I prefer check all the stuff manually.

This is mostly security. If you follow the initial links you will get more information regarding the script and the information that provides.

Jail
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.