VMware has released a new version of its Compliance Checker tool, which allows IT staff to to test the security of its vSphere 4.1 hosts, the company said in a blog post on Tuesday: http://blogs.vmware.com/security/2011/09/vmwares-cpc-releases-another-free-compliance-checker.html

The tool is meant to help users get started on the "trusted cloud," according to George Gerchow, director of VMware's Center for Policy & Compliance.

The security assessment done by Compliance Checker is based on a predefined subset of the rules in the vSphere 4.1 Security Hardening Guide, a 113-page document published by VMware in April.

The tool determines if the ESX firewall is correctly configured and if the vSphere Web Access feature has been disabled, for example. The resulting report includes the rules, descriptions of them and the success or failure of each rule, according to the blog post.

To make sure that configuration changes don't open up doors for hackers, the tool can be used over and over again.

The Compliance Checker is based on VMware's vCenter Configuration Manager, which allows enterprises to automate configuration management across virtual as well as physical servers, workstations and desktops.

(PCW)