Security and Compliance for VMware Cloud Foundation in VMware Aria Operations (SaaS)
search cancel

Security and Compliance for VMware Cloud Foundation in VMware Aria Operations (SaaS)

book

Article ID: 324348

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

The VMware Cloud Foundation Compliance Pack helps you measure compliance of VMware Cloud Foundation objects based on the VCF Audit Guides, part of the VMware Cloud Foundation Compliance Kits.  The VMware Cloud Foundation Compliance Kits help organizations meet regulatory requirements by bridging the gap between compliance frameworks and implementation guides.  The Kit provides attested guidance to administrators for configuring the platform to be secure in the manner that those regulations require.  It also provides explanations and information to auditors to help them understand how the product security controls work to address the regulations.

Resolution

Please find the VMware Cloud Foundation controls based on VCF Audit Guide.xlsx file attached. It provide details about controls for vSphere, SDDC Manager, vSAN and NSX-T based on the VMware Cloud Foundation Audit Guides which are part of the Compliance Kit for VMware Cloud Foundation.  The .xlsx sheet is a collection of all compliance conditions required for assessing compliance of VCF environments for versions 4.2, 4.3, 4.4 and 4.5 separated into tabs.  This helps you to detect compliance misconfigurations in VMware Cloud Foundation environments.  The .xlsx file includes the list of automated controls which are implemented for automated compliance assessment.  There are a subset of conditions excluded from automated assessment. It is recommended to use this list of controls to have proper manual checks in place to assess your VMware Cloud.


Additional Information

Attachments

VMware Cloud Foundation controls based on VCF Audit Guide.xlsx get_app