Instrument VMware Virtual Machines for Security and Compliance
How do you ensure Qualys is managing the security and compliance of all your VMware workloads? First, you need to have Qualys Cloud Agent installed and running on all of your VMware virtual machines. While VMware vCenter knows the exact inventory of your virtual machines at all times, it doesn’t know about Cloud Agent.
That’s where the new Qualys Agent Checker open-source tool comes in. Agent Checker integrates with VMware vCenter to query and report the deployment status of Cloud Agent across all vCenter-managed virtual machines. With this knowledge, you can update your DevOps processes to ensure Cloud Agent is installed and running on all your virtual machines.
Running Agent Checker
Agent Checker connects securely via API to multiple VCenter instances to collect Cloud Agent details, including whether or not the Qualys Cloud Agent is installed on the host; and if installed, the Cloud Agent version. Once this data is collected, it is then parsed and presented in an easily readable Excel spreadsheet report. Excel handles large lists of assets easily, and gives the flexibility to sort assets based on Cloud Agent version. Qualys Agent Checker can be scheduled to run at regular intervals via Cron jobs, with regular reports mailed to appropriate parties. Qualys Agent Checker uses Ansible vaults for secure storage of the credentials used for logging into VMware vCenter.
Agent Checker Reports
The Excel reports generated by Agent Checker contain the following tables:
- Running: The hostnames of all virtual machines where Cloud Agent is installed and running, and the Cloud Agent version
- Not Running: The hostnames of all virtual machines where Cloud Agent is installed but not running, and the Cloud Agent version
- Not Installed: The hostnames of all virtual machines where Cloud Agent is not installed
Download
Download the Agent Checker tool from Qualys’ GitHub repository: https://github.com/Qualys/Qualys-Agent-Checker
Contributors
Agent Checker was developed by members of the Qualys Cloud Operations team, which manages Qualys’ data centers and ensures efficient and secure operation of Qualys cloud infrastructure. In addition to the blog author Vinu Prasad, technical contributors to the Agent Checker tool include:
- Purushottam Soni, Lead Cloud Infrastructure Engineer, Qualys
- Cody Yu, Cloud Infrastructure Engineer, Qualys
- Vivek Sharma, Cloud Platform Engineer, Qualys
- Junjie Lu, Cloud Infrastructure Engineer, Qualys
Any plan to develop something similar for Hyper-V
Thank you for your comment. Sure we shall check on this if we can support Hyper-V it in our next release version.