VMware PCI Compliance Checker (free tool)
PCI (Payment Card Industry) compliance refers to a set of security standards (Data Security Standard) required by the credit card industry for any applications that process credit cards (E-commerce, B2B, etc.). As reported by Visa, many companies have failed to meet deadlines for PCI compliance of their applications.
VMware has a free tool — VMware Compliance Checker— that will scan Windows servers and desktops for PCI compliance and suggest potential remediations for any gaps discovered. The tool will run against either physical or virtual servers and desktops running a Windows operating system.
VMware Compliance Checker is a part of the VMware Configuration Manager Product, which was just released along side vSphere 4.1.
VMware Configuration Manager is a new product from the EMC Ionix family, which can be used to enforce configuration standards and prevent “configuration drift” across a datacenter’s virtual infrastructure. It can also be used to automate the provisioning process, and extend configuration management to Microsoft’s Active Directory as well.
Some quick feature highlights:
- Automated collection, analysis, remediation, and patch lowers IT audit costs by significantly reducing the time and labor associated with time-consuming manual processes
- Discover, collect and detect changes and identify policy violations for more than 80,000 configuration settings
- Remediate by detecting and fixing configuration problems and security vulnerabilities automatically across multiple systems
- Streamline Active Directory management and compliance automation by collecting Active Directory configuration data, objects, and changes made
- High-level dashboards provide the right level of information needed to make change, configuration and patch management processes more effective
- Templates for Sarbanes-Oxley (SOx), HIPPA, best practices from MSFT, Apple, VMware and more…
VMware’s Compliance Manager is worth a look in helping to enforce consistency and automate related processes in your datacenter.