As Runecast Analyzer 2.0 was mentioned in a lot of discussions I had and blogs I appreciate, I wanted to give myself an impression of the latest release of the product. And I realized, it was a good opportunity to make my lab more “production ready”.
Runecast made a bunch of great enhancements to the product with the release of version 2.0. To name just a few of most important:
- Ability to store and display all detected and resolved issues over time for every connected vCenter.
- The completely new monitoring dashboard with The Most Affected hosts and trending.
- Automation of PCI-DSS VMware rules and new PCI-DSS profile UI
- Support for vSphere 6.7 HTML5 plugin
- Usability, performance and security improvements for increased ease of use.
- Latest VMware Knowledge Base updates.
- Historical Trending and Historical Analysis
My first look at Runecast Analyzer 2.0
I have never used a version prior Runecast Analyzer 2.0, so this is no “What’s New” post. I will guide you through my first impression of the product.
Deployment and Setup
The Runecast Analyzer application is sipped as a single virtual machine OVA. So, the deployment process is pretty straightforward. Even if you start the Appliance the first time with DHCP, it is no problem to reconfigure the network details via the console.
Note:
The deployed virtual machine is pre-configured with the advanced options from the VMware Hardening Guide.
With just a few clicks the setup of Runecast Analyzer 2.0 is basically done. Basic steps:
- Add vCenter Server
- Add Web Client Plugin
- Add NSX Manager if present
- Configure analysis schedule
- Configure Syslog settings on the Hosts (and VMs)
- Configure notification
- Add license
After these steps, you can manually start the first analysis of your environment.
The Dashboard
Right after the first analysis run will the Dashboard give you an overview of the status of your environment. By clicking on the widgets you can jump in the related view with all the details.
Config KBs Discovered
One of the views in the configuration analysis is “Config KBs Discovered”. This view lists all detected issues within the scanned virtual infrastructure that were derived from the VMware Knowledge Base (KB) articles.
You can use the very smart filters to reduce the huge amount of data this view will contain in a large environment.
If you are interested in the details of a finding, you just need to expand by clicking the plus symbol and the details will be shown.
In addition to the knowledge base details, might also be from interest what configuration results in this finding. The “Findings” tab will show the affected objects and the automatic checks that result in this finding.
Best Practices
The Best Practices view contains recommendations regarding your configuration of the infrastructure components. The recommendations are from different sources: VMware Knowledge Base (KB) articles, Hardening Guides, White Papers, Best Practices, and other VMware publications.
Just like in all other views, the filters can be used in the Best Practices view. Especial the Details tab is looking slightly different from the “Config KBs Discovered” view. But both, the Findings and Details tab, work like in the prior view.
Security Hardening
The Security Hardening view can cover in Runecast Analyzer 2.0 three different security profiles:
- VMware Guidelines – Based on VMware Security Hardening Guides
- DISA STIG – The Security Technical Implementation Guides (STIGs) are based on standards of Department of Defense.
- PCI DSS v3.2.1 – PCI DSS is the Payment Card Industry (PCI) Data Security Standard (DSS).
Security Hardening – VMware Guidelines
Security Hardening – PCI DSS
The PCI DSS module offers besides the Technical Description also the PCI DSS Details for each finding. In contrast to the VMware Security Hardening module does the PCI DSS Technical Description contain for the most findings a remediation help even with PowerCLI examples.
Results Comparison
The “All Issues View” has the ability to compare with previous results. This is one of the most wanted new features in Runecast Analyzer 2.0.
Note:
If any filters have been applied using the drop-down buttons in the “All Issues View“, this will also be
applied to the popup.
Web Client plugin
If the Web Client plugin is enabled and configured (through vCenter Web Client) for the specific vCenter, each inventory object shows this nice summary widget:
Runecast Analyzer 2.0 – Summary
I am really impressed by the latest release of Runecast Analyzer 2.0! The application has a small footprint, is fast to set up and has is very useful. Especial in complex environments this tool will help to proactively identify possible problems and helps to apply, report and monitor the selected security profiles.
Runecast offers an Online Demo (no need of a registration) and a Free Trial for on-premises deployment.
