The vSphere Hardening Guide alerts notify you when settings or properties on your hosts or virtual machines are not configured in compliance with the guide. To use the alerts, override the policy setting so that Local is enabled.

The alert-based compliance does not work until you enable one or both of the vSphere Hardening Guide alerts. One alert is for ESXi hosts and one is for virtual machines. The Hardening Guide checks the collected data do determine if the recommended settings on configured so that your ESXi hosts and virtual machines operate in a secure manner.

Verify that your vRealize Operations Manager instance includes the Default Policy and one or more other policies. See Default Policy in vRealize Operations Manager.


In the left pane of vRealize Operations Manager, click the Administration icon.


Click Policies and click the Policy Library tab.


Expand the Base Settings, select the policy that you want to customize, and click the pencil to edit the policy.


In the workspace navigation, click Override Alert and Symptom Definitions.


In the Alert Definitions pane, enter hardening in the Filter text box.

The list displays ESXi Host is Violating vSphere Hardening Guide and Virtual Machine is Violating vSphere Hardening Guide alerts.


For each alert, click the State drop-down menu and click Local.


Click Save.

The alerts and the associated symptom definitions are enabled. When the configure policy is active, Hardening Guide alerts are generated when the configured symptom definitions are found to be true for hosts or virtual machines.

Review the Compliance tab to determine if a selected object is in compliance. For an example, see User Scenario: Ensure Your Host Objects Are In Compliance Using Alert-Based Compliance.