As a virtual infrastructure administrator, you use vRealize Configuration Manager to monitor the objects in your environment, including ESXi hosts on which you run your companies virtual machines. You review the Compliance tab for one or more of your hosts and discover that several of them are violating the VMware vSphere Hardening Guide standard, and you need to identify the problems and fix them.

The alert-based compliance for some of the rules in the VMware vSphere Hardening Guide are included in vRealize Configuration Manager.

In this scenario, you resolve only one violated rule. Repeat the process for any other rules.

Verify that you can open an .XLSX file on the system you are using to access vRealize Configuration Manager.

Enable the Hardening Guide alerts so the alert-based compliance is active in your environment. See Customize a Policy to Enable the vSphere Hardening Guide Alerts.


In the left pane of vRealize Operations Manager, click the Environment icon.


Browse to a host object.

If you created an object group to manage your hosts, select a host in the group.


With the host as the focus of the center pane, click the Analysis tab and click the Compliance tab.


If the Compliance badge displays a value other than 100 or green, click the ESXi Host is Violating vSphere 5.5 Hardening Guide standard.

The Compliance Breakdown area expands to display all the violated rules.


Review the page to determine the criticality and pervasiveness of noncompliant standards for this host and in your environment.



Compliance Breakdown

What is the number and criticality of the violated rules for the host? How many of the violated rules are critical and should be addressed?

Compliance in Related Objects

Are there other hosts that are in a similar compliance state? Are any child objects out of compliance?

Host System Resources

Is the host configured as you expect?


If your review of the page indicates that you need to resolve the Direct console UI service is running violated rule, click the Alerts tab.

These compliance standards are based on alerts. Alerts can include recommendations. In the example of the ESXi Host is Violating vSphere 5.5 Hardening Guide standards, the alert that is also generated for this compliance alert, includes a recommendation with a link to the VMware vSphere Hardening Guide.


On the Alerts tab, locate and click the ESXi Host is Violating vSphere 5.5 Hardening Guide alert.

The Alert Details Summary tab appears. It includes the violated rules as symptoms and the recommendations to resolve the alert.


In the Recommendations area, click the link to the vSphere 5.5 Hardening Guide.

The hardening guide is downloaded to the system you are using to access vRealize Configuration Manager.


In the Hardening Guide workbook, click the ESXi tab and locate the Disable DCUI to prevent local administrative control rule.


Review the information on the row and implement the appropriate remediation method.

For this rule, you can use the ESXi Shell Command, PowerCLI Command, or the steps provided in the VMware vSphere Documentation Center to change the setting.

You identified and resolved and out of compliance rule for you host object. Four or more collection cycles after you make the change to the host settings, the rule should no longer be included in the list of violated rules for the host.