When the security hardening parameter isolation.tools.setinfo.disable is set to TRUE, we may observe:

• Discrepancies between VM CPU and Memory metrics in Aria Operations compared to the Guest OS (e.g., Task Manager or top).
• Questions regarding the accuracy of storage and network performance data under this configuration.

Aria Operations 8.18.x

1. What does isolation.tools.setinfo.disable do?

This is a security-hardening configuration that restricts the "push" of information from the Guest OS (VM) to the ESXi host.

• Default Behavior: VMware Tools allows the Guest OS to send informational metadata (hostname, IP address, custom configuration strings) to the host.
• Hardened Behavior (Set to TRUE): It blocks the Guest OS from modifying or sending descriptive information to the VM’s configuration file (.vmx). This prevents a compromised VM from potentially injecting malicious data into the hypervisor’s management layer.

2. Impact on CPU and Memory Metrics

Yes, these metrics are impacted. Aria Operations typically leverages VMware Tools to report high-accuracy guest utilization. When this communication channel is restricted:

• Aria Operations falls back to Hypervisor-level metrics (e.g., "Memory Consumed" instead of "Guest Active").
• Metrics in the Aria dashboard may not perfectly align with Guest OS tools because the host is "observing" the VM from the outside rather than receiving direct reports from within Which data is impacted by isolation.tools.setinfo.disable.
  
  

3. Impact on Virtual Disk (IOPS/Throughput) Metrics

 No, these metrics are not impacted.

• Storage performance data (IOPS, Latency, and Throughput) is collected by the ESXi kernel at the storage stack level.
• The hypervisor manages the actual I/O "wire," these metrics remain 100% accurate regardless of the VM’s hardening status or VMware Tools state.

4. Tracking Network Storage Performance

Network-to-storage tracking remains fully functional. You can continue to monitor the performance of the fabric from ESXi hosts to external storage by tracking:

• Disk Latency (ms) & Throughput: Monitored at the VM and Host levels.
• VMkernel Monitoring: Checking for dropped packets and NIC saturation.
• Storage Management Packs: For end-to-end tracking of the external storage fabric, continue using specific Storage Management Packs within Aria Operations Which data is impacted by isolation.tools.setinfo.disable.