Roadmap of Tasks for Virtual Machines and Virtual Machine Templates

Show Me!

A video tutorial is available on this topic. To access the video, click the following link:

Watch a related video (7:21)

Patch Tasks

Security Controls can scan and deploy patches to online virtual machines, to offline virtual machines, and to virtual machine templates. You do this by performing the following tasks:

  1. Create one or more machine groups that contain the virtual machines and virtual machine templates you want to scan and patch.
    See How to Add Virtual Machines.
  2. Supply credentials for the virtual machines.
    When performing scans, the recommended best practice is to always supply credentials for the virtual machines and virtual machine templates. When performing patch deployments, credentials must be set at the machine, group, or default level. See Supplying Credentials for more details.
  3. Use the machine group in a scan. See How to Initiate a Patch Scan for details.
  4. Review the scan results. See Accessing Patch Scan Results for details.
    In the scan results, unique icons will distinguish an offline virtual machine () from a physical machine or an online virtual machine () and from a virtual machine template (). When viewing machines in Machine View the Offline Scan column in the top pane will indicate if a virtual machine was online or offline at the time of the scan.
  5. (Optional) If you want to take snapshots of your hosted virtual machines and templates immediately before and/or immediately after the deployment process, make sure you specify this on the Hosted VMs/Templates tab of the deployment template you plan to use.
  6. Deploy the desired patches to the desired virtual machines and virtual machine templates. See Deploying Patches to Virtual Machines for details.
    You may not know if a particular virtual machine is online or offline at the time you perform a deployment, and it typically doesn't matter. The following guidelines apply for patch deployments to virtual machines:
    • If a virtual machine is hosted on a server, the deployment can be successful regardless of whether the virtual machine is online or offline at the time of the deployment.
    • If a virtual machine is defined in a machine group using the Workstation Virtual Machines tab, the deployment can be successful as long as the virtual machine is offline.
    • If a virtual machine is defined in a machine group using the Machine Name, Domain Name, or IP Address/Range tab, the deployment can be successful as long as the virtual machine is online.

    If a virtual machine is online the patch deployment is performed in the same manner as for a physical machine. Patch deployments to offline virtual machines and to virtual machine templates are performed by Security Controls in a slightly different manner. See Deploying Patches to Virtual Machines for details.

  7. Monitor the deployment activities. See Monitoring the Deployment for details.

Asset Management Tasks

Security Controls can perform asset management scans of online virtual machines, of offline virtual machines, and of virtual machine templates. You do this by performing the following tasks:

  1. Create one or more machine groups that contain the virtual machines and templates you want to scan.
    See How to Add Virtual Machines.
  2. Supply credentials for the virtual machines and virtual machine templates.
    See Supplying Credentials for details.
  3. Use the machine group in an asset scan. See How to Perform Asset Scans for details.
  4. Review the asset scan results. See Viewing Asset Scan Results for details.
    When viewing machines in Machine View the Offline Scan column in the top pane will indicate if a virtual machine was online or offline at the time of the scan.

Power Management Tasks

You can use Security Controls to power on and off the virtual machines that reside on your ESXi hosts. For more information, see Performing Actions on Virtual Machines.