Runecast Platform is a security and operations platform for VMware, cloud, and containerized infrastructures. It helps you to identify, manage, and remediate vulnerabilities and misconfigurations in your environment, as well as to ensure compliance with various standards and best practices. One of the features of Runecast Platform is the ability to perform agent-less scanning of vSphere VMs. This means that you do not need to install any software or agents on your virtual machines to monitor and analyze their security and performance. Runecast Platform uses the vSphere APIs to collect data from your VMs and compare them with the latest knowledge base of VMware KB articles, security advisories, and configuration recommendations.
Agentless scanning of vSphere Virtual Machines is an industry-first functionality released in Runecast 6.8. It can be enabled on clusters managed by vCenters that are connected to Runecast. If you don't know the Runecast platform, I'd recommend reading our recent Runecast Platform In-Depth product review.
The agentless scanning feature allows users to perform vulnerability scanning of Windows and Linux workloads running on VMware vSphere without installing any agents on the virtual machines. This simplifies the setup and scanning process and also reduces the overhead associated with managing agents and any potential performance issues.
Here are some of the benefits of agentless scanning for vSphere administrators:
- It saves time and resources by eliminating the need for agent deployment and management.
- It does not impact the performance of the scanned systems, as it uses snapshots and a lightweight scanner appliance.
- Also, we can say that it does not increase the attack surface of the environment, as it does not require any additional software or credentials on the virtual machines.
- The scanning of the whole environment can discover and examine every host and virtual machine without relying on agents
- Gain visibility and insights into your VMs from a single dashboard
- Automate the remediation of issues and the enforcement of policies
Screenshot from Runecast
Agentless Scanning – How does it work?
From Runecast documentation:
This functionality leverages the VMware snapshot mechanism. Runecast Analyzer will orchestrate taking a snapshot of the target VM, mounting it to a separately deployed scanner virtual appliance which will analyze the Operating system and applications, and finally deleting the snapshot. The whole operation is expected to take between 1 to 10 minutes per virtual machine. The agentless scan is designed to scan only VMs that are tagged with a specific tag ( RunecastAgentlessScan ) so you can have full control over which VMs are included in the scan.
To use the agentless scanning feature, you download a trial of Runecast deployed as a virtual appliance in your vSphere environment. You also need to run a vCenter Server 6.0 and above and ESXi 6.0 and above that are compatible with Runecast. You can check the compatibility matrix here.
To enable the agentless scanning feature, you need to follow these steps:
Log in to the Runecast Analyzer web interface
Go to Settings > vSphere Settings > Click on the Add vCenter button and enter the credentials of your vCenter Server > Select the Enable Guest OS Analysis checkbox and click on Save.
Wait for the initial data collection and analysis to complete. Go to Dashboard > Guest OS Analysis and view the results. You can also configure the frequency and scope of the agentless scanning, as well as the notification and reporting options, from the Settings menu.
Runecast Website here.
More about Runecast from ESX Virtualization Blog
- Runecast Platform 6.8 and VMware EXPLORE Barcelona 2023 (with video)
- Digital Operational Resilience Act (DORA) compliance for VMware – by Runecast
- Runecast Platform In-Depth Review 2023
- Runecast as a CNAPP platform
More posts from ESX Virtualization:
- VMware vSphere 8.0 U2 Released – ESXi 8.0 U2 and VCSA 8.0 U2 How to update (NEW)
- What’s the purpose of those 17 virtual hard disks within VMware vCenter Server Appliance (VCSA) 8.0?
- VMware vSphere 8 Update 2 New Upgrade Process for vCenter Server details
- VMware vSAN 8 Update 2 with many enhancements announced during VMware Explore
- What’s New in VMware Virtual Hardware v21 and vSphere 8 Update 2?
- Homelab v 8.0
- vSphere 8.0 Page
- Veeam Bare Metal Recovery Without using USB Stick (TIP)
- ESXi 7.x to 8.x upgrade scenarios
- A really FREE VPN that doesn’t suck
- Patch your ESXi 7.x again
- VMware vCenter Server 7.03 U3g – Download and patch
- Upgrade VMware ESXi to 7.0 U3 via the command line
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster