Runecast Analyzer 2.0 – First impression

As Runecast Analyzer 2.0 was mentioned in a lot of discussions I had and blogs I appreciate, I wanted to give myself an impression of the latest release of the product. And I realized, it was a good opportunity to make my lab more “production ready”.

Runecast made a bunch of great enhancements to the product with the release of version 2.0. To name just a few of most important:

  • Ability to store and display all detected and resolved issues over time for every connected vCenter.
  • The completely new monitoring dashboard with The Most Affected hosts and trending.
  • Automation of PCI-DSS VMware rules and new PCI-DSS profile UI
  • Support for vSphere 6.7 HTML5 plugin
  • Usability, performance and security improvements for increased ease of use.
  • Latest VMware Knowledge Base updates.
  • Historical Trending and Historical Analysis

My first look at Runecast Analyzer 2.0

I have never used a version prior Runecast Analyzer 2.0, so this is no “What’s New” post. I will guide you through my first impression of the product.

Deployment and Setup

The Runecast Analyzer application is sipped as a single virtual machine OVA. So, the deployment process is pretty straightforward. Even if you start the Appliance the first time with DHCP, it is no problem to reconfigure the network details via the console.

Note:

The deployed virtual machine is pre-configured with the advanced options from the VMware Hardening Guide.

Runecast Analyzer 2.0 - Settings

With just a few clicks the setup of Runecast Analyzer 2.0 is basically done. Basic steps:

  • Add vCenter Server
    • Add Web Client Plugin
  • Add NSX Manager if present
  • Configure analysis schedule
  • Configure Syslog settings on the Hosts (and VMs)
  • Configure notification
  • Add license

After these steps, you can manually start the first analysis of your environment.

The Dashboard

Right after the first analysis run will the Dashboard give you an overview of the status of your environment. By clicking on the widgets you can jump in the related view with all the details.

Runecast Analyzer 2.0 - Dashboard

Config KBs Discovered

One of the views in the configuration analysis is “Config KBs Discovered”. This view lists all detected issues within the scanned virtual infrastructure that were derived from the VMware Knowledge Base (KB) articles.

Runecast Analyzer 2.0 - Config KBs discovered

You can use the very smart filters to reduce the huge amount of data this view will contain in a large environment.

Runecast Analyzer 2.0 - Config KBs discovered - Filtered

If you are interested in the details of a finding, you just need to expand by clicking the plus symbol and the details will be shown.

Runecast Analyzer 2.0 - Config KBs discovered - Details

In addition to the knowledge base details, might also be from interest what configuration results in this finding. The “Findings” tab will show the affected objects and the automatic checks that result in this finding.

Runecast Analyzer 2.0 - Config KBs discovered - Findings

Best Practices

The Best Practices view contains recommendations regarding your configuration of the infrastructure components. The recommendations are from different sources: VMware Knowledge Base (KB) articles, Hardening Guides, White Papers, Best Practices, and other VMware publications.

Runecast Analyzer 2.0 - Best Practices

Just like in all other views, the filters can be used in the Best Practices view. Especial the Details tab is looking slightly different from the “Config KBs Discovered” view. But both, the Findings and Details tab, work like in the prior view.

Runecast Analyzer 2.0 - Best Practices - Details

Runecast Analyzer 2.0 - Best Practices - Findings

Security Hardening

The Security Hardening view can cover in Runecast Analyzer 2.0 three different security profiles:

Security Hardening – VMware Guidelines

Runecast Analyzer 2.0 - Security Hardening - VMware Guidelines

Security Hardening – PCI DSS

Runecast Analyzer 2.0 - Security Hardening - PCI DSS

The PCI DSS module offers besides the Technical Description also the PCI DSS Details for each finding. In contrast to the VMware Security Hardening module does the PCI DSS Technical Description contain for the most findings a remediation help even with PowerCLI examples.

Runecast Analyzer 2.0 - Security Hardening - PCI DSS - remediation

The “All Issues View” has the ability to compare with previous results. This is one of the most wanted new features in Runecast Analyzer 2.0.

Runecast Analyzer 2.0 - All Issues View

Note:

If any filters have been applied using the drop-down buttons in the “All Issues View“, this will also be
applied to the popup.

Runecast Analyzer 2.0 -All Issues View - Results Comparison

Web Client plugin

If the Web Client plugin is enabled and configured (through vCenter Web Client) for the specific vCenter, each inventory object shows this nice summary widget:

Runecast Analyzer 2.0 - Web Client plugin

Runecast Analyzer 2.0 – Summary

I am really impressed by the latest release of  Runecast Analyzer 2.0! The application has a small footprint, is fast to set up and has is very useful. Especial in complex environments this tool will help to proactively identify possible problems and helps to apply, report and monitor the selected security profiles.

Runecast offers an Online Demo (no need of a registration) and a Free Trial for on-premises deployment.

Leave a Reply