VMware

Enterprise

runZero Enterprise supports synchronization of VMware vCenter and ESXi virtual machine inventories.

Setting up VMware credentials

Unlike other APIs, the VMware synchronization process is configured as part of your regular runZero Explorer scans. The first step is to set up a set of VMware credentials.

On the Credentials page, click Add Credential and choose a credential type of VMware vCenter/ESXi Username and Password, and enter the appropriate username and password. The correct username syntax in most cases is user@domain.com.

The CIDR allow list field can be used to limit which addresses the credentials should be sent to. This helps ensure that they are not passed to unexpected VMware systems that the runZero Explorer encounters on the network.

If runZero has previously found VMware API endpoints, the VMware thumbprints field will list their IP addresses and TLS fingerprints. You can edit this list to remove any systems you do not want to trust with your VMware credentials. Alternatively, if you do not want to limit authentication to the set list of IP addresses and TLS certificates, you can click the checkbox under VMware insecure to approve authenticating with untrusted endpoints.

The organization access for the credentials can be set as for any other stored credentials; see Credentials.

Performing VMware synchronization

Once you have defined a set of VMware credentials, the second step is to enable VMware synchronization as part of a scan task. Any task which includes scanning the VMware host systems can be used to synchronize VMware VM data.

The Probes tab of the scan setup has a section for enabling and disabling the VMware probe. The probe must be enabled for VMware synchronization to work; it is enabled by default.

On the Credentials tab of the scan setup, use the toggle switch to enable the appropriate set of VMware vCenter/ESXi credentials.

When the scan runs, the Explorer will use the credentials to authenticate with any VMware ESXi or vCenter hosts it finds that the credentials are configured to trust. Data about assets which are VMware VMs will be imported into runZero automatically, and merged with the other information runZero finds by scanning.