Recently I’ve had the pleasure of testing the new version of Runecast Analyzer, version 2.0. Being a Cloud Management specialist at VMware, I’ve heard of Runecast but I default to vRealize Operations when it comes to managing a vSphere environment. So, I never had any hands-on experience with Runcast Analyzer, until now.

For those of you who don’t know Runecast Analyzer. Runecast Analyzer is a software solution delivered as a small appliance, that proactively checks your vSphere environment against the latest VMware Knowledge Base articles, best practices and security hardening guides. Potential issues and best practices violations are then reported in easy to use dashboards. Because vSphere environments and VMware’s products overall are developing fast, Runecast Analyzer is constantly under development to support the latest and greatest in vSphere and vSphere-eco system. The last versions add support for vSAN, vSphere 6.7, and NSX-V.

The idea is that by using Runecast Analyzer, you can avoid outages, be more secure and compliant because you are constantly checked against the VMware KBs and best practices. Provided that you take action and fix the issues reported. Runecast Analyzer does not fix them for you.

Install & configure Runecast Analyzer

The installation of Runecast Analyzer is very simple. Just deploy the appliance to your vSphere environment. During the deployment you will be asked to enter the name, network settings and the deployment size. You can select the following deployment options:

Deployment size Suitable for Appliance size
Small 1 vCenter, 10 hosts 2 vCPUs, 4GB memory
Medium 5 vCenters, 100 hosts 4 vCPUs, 8GB memory
Large 15 vCenters, 250 hosts 8 vCPUs, 32GB memory

When the deployment is finished, you go to the IP address or FQDN and log in with the default ‘rcuser’ account and password ‘Runecast!’.

Runecast Analyzer

At first logon your will be shown a popup which helps you to get started. Here you connect your vCenter and schedule the scan interval.

Runecast Analyzer Runecast Analyzer

After the initial scan I was quite surprised. As a Cloud Management specialist at VMware, I’ve been running various versions of vRealize Operations on my environment and I was confident that my servers, virtual machines, storage, networks satisfy most of the best practices as they were running fine. The initial scan with Runecast Analyzer revealed a list of issues in my environment.

Runecast Analyzer

The issues which were revealed were not threatening the capacity or performance of my environment but they were configuration issues that might impact the availability and security and therefor the availability and stability of my environment. And most of all, they were issues is was not aware of and would have taken me ages to check manually even though I only have 6 hosts.

This immediately shows the difference between Runecast Analyzer and vRealize Operations. The focus for vRealize Operations is on the availability, performance and capacity management of your vSphere environment. vRealize Operations measures resource usage, analyses that and alerts when something is (going) wrong. vRealize Operations avoids outages and performance impact by analysing the behaviour of an environment. Runecast Analyzer avoids outages by comparing the configuration to the VMware Knowledge Base and best practices. There is some overlap in the compliance functionality of both products. Both Runecast Analyzer and vRealize Operations can do a compliance check of your environment based on eg. the VMware Hardening guide or PCI Compliance standards.

vSphere Web client plugin

Besides the Runecast interface there is also a possibility to integrate it with the vSphere web client by installing a plugin. Just go to Settings > vCenter Connection and select Install plugin in the Actions menu. After that go to the API Access tokens tab, generate a new token and copy it. The Runecast part is done, now go to the vSphere web client and log in. Select the Runecast icon in the vCenter shortcuts window, enter the API access token and the address of your Runecast Analyzer appliance. This should give you a nice Runecast view right in your web client.

Historical Analysis

Another great feature which was introduced in version 2.0 is the Historical Analysis capability. This works in two ways, first the All Issues View shows you the history of your issues count per previous scan. With this you can quickly see how you are doing, if the issues count is going up or down, what the severity trend of your issues is, etc.

You can apply filter to the view, change time period and directly drill down into specific issues in the low part of the dashboard.

The second way to use the historical analysis is to compare scans of your environment and see what has changed. How many new issues were found, how many issues have you fixed, when and on which infrastructure components.  This allows administrators to quickly identify changes in the infrastructure, fixed issues, and so on.

Compliancy checking

The last items I would like to discuss is the compliance checking. This is something which is generally being used by banks, insurance companies, etc. Runecast Analyzer includes the following compliance profiles:

  • VMware Security Harding guides.
  • Security Technical Implementation Guides (DISA STIG).
  • Payment Card Industry Data Security Standard (PCI DSS).

If you think that complying with the VMware Knowledge Base and VMware best practices is a lot of work? Try getting your environment compliant with PCI DSS and maintaining this! The PCI DSS 3.2.1 is 130+ pages of rules which may change multiple time a year. In Runecast Analyzer you just have to enable the required compliance profiles in the Settings > Security Compliance tab and it will automatic check for violations and if so, advise on how to fix these.

Conclusion

All in all I was impressed. Runecast Analyzer is tools which is easy and fast to install. It allows VMware Admins to significantly improve to configuration of their environment without digging through tons of VMware Knowledge Base articles, best practices, security hardening guides and compliance documents.

In my environment and besides VMware KBs and best practices only checking against VMware Hardening guide, Runcast performs almost 20.000 checks on my environment. Good luck doing that manually.

I think it’s also a great add-on to vRealize Operations because Runcast can significantly reduce the amount of alerts by properly configuring your environment.

Do you want to try it? You can have it up-and-running in 10 minutes including the download. Visit the Runcast website for a trial.