Home > Virtualization > Get Tripwire’s ConfigCheck For VMware ESX…

Get Tripwire’s ConfigCheck For VMware ESX…

Tripwire_configcheck
From my good friends over at Tripwire…

I haven’t been able to try ConfigCheck out myself yet, but reports from a couple of trusted sources have suggested it’s a fantastically useful tool, and you can’t beat the price as it’s FREE!

Tripwire® ConfigCheckTM is a free utility that rapidly assesses the security of VMware ESX 3.5 hypervisor configurations compared to the VMware Infrastructure 3 Security Hardening guidelines. Developed by Tripwire in cooperation with VMware, Tripwire ConfigCheck ensures ESX environments are properly configured—offering immediate insight into unintentional vulnerabilities in virtual environments—and provides the necessary steps towards full remediation when they are not.

If I have time next week, I plan to give this a whirl, but I’d suggest that if you’ve already implemented VMware or are planning to, you should make use of a utility such as this…until it’s bundled into the platforms themselves 😉

Get your copy here.

Good move by Tripwire.

Categories: Virtualization Tags:
  1. June 7th, 2008 at 23:11 | #1

    Thanks for the mention, Chris – and can't wait to hear what you think of it.

  2. David O'Berry
    June 8th, 2008 at 13:12 | #2

    Good stuff.
    Tony Sager from the NSA mentioned, at the SC Magazine Conference, machine readable version of checks like this for different environments with the MSFT ecosystem of course being the first place to hit. They have come a long way with the entire concept and once you get the guidelines and autochecks like this one working hand in hand in a loop process using feedback from the evolving threats, things will get better at a much quicker pace. Out of the box, they have the OS configged as it needs to be and then each set of guidelines you choose to employ can be pushed down. It raises the level across the board without requiring people to be all that technical.
    –David

  3. David O’Berry
    June 8th, 2008 at 17:12 | #3

    Good stuff.
    Tony Sager from the NSA mentioned, at the SC Magazine Conference, machine readable version of checks like this for different environments with the MSFT ecosystem of course being the first place to hit. They have come a long way with the entire concept and once you get the guidelines and autochecks like this one working hand in hand in a loop process using feedback from the evolving threats, things will get better at a much quicker pace. Out of the box, they have the OS configged as it needs to be and then each set of guidelines you choose to employ can be pushed down. It raises the level across the board without requiring people to be all that technical.
    –David

  4. June 9th, 2008 at 02:39 | #4

    I've added a howto on our blog to help any of your readers that want to use ConfigCheck. http://www.tripwire.org/blog/?p=38
    Let us know how you get on with testing it next week.

  1. No trackbacks yet.