Patching Virtual Machines and Virtual Servers

Scanning and patching virtual machines

Security Controls can scan for and deploy patches to online virtual machines, to offline virtual machines, and to virtual machine templates. The process is fairly simple; you add your virtual machines to a machine group and then perform your scans and deployments using the normal process.

Try it yourself

  1. Create one or more machine groups that contain the virtual machines and virtual machine templates in your organization.
    For information on creating these groups, see the How to Add Virtual Machines topic in the Security Controls Help.
  2. Supply credentials for the virtual machines.
    For details, see the Supplying Credentials topic in the Security Controls Help.
  3. Use the machine group in a patch scan.
    This is performed the exact same way as a scan of a machine group that contains physical machines.
  4. Review the scan results and then deploy missing patches.
    These actions are performed using the exact same processes that are used for physical machines.

Scanning and patching vCenter Servers and ESXi hypervisors

The Virtual Inventory feature is used to manage and track the vCenter Servers and the ESXi hypervisors (ESXi hosts) that are used in your organization. It may also help you discover virtual machines you didn’t even know you had. You can use the Virtual Inventory feature to:

  • Add vCenter Servers and ESXi hypervisors to Security Controls
  • View basic configuration information about the vCenter Servers and the ESXi hypervisors
  • Perform a scan of the managed and unmanaged ESXi hypervisors
  • View the security bulletins that have already been installed on the managed and unmanaged ESXi hypervisors
  • View the security bulletins that are missing on the managed and unmanaged ESXi hypervisors
  • Deploy any missing security bulletins to the ESXi hypervisors
  • Power on and off the virtual machines that reside on your managed and unmanaged ESXi hypervisors

Your vCenter Servers and ESXi hypervisors are managed using the Virtual Inventory list in the navigation pane.

Virtual Inventory list

Show me!

With so many different capabilities packed into one feature, it is a bit much to adequately cover in this guide. The best way to learn more about the Virtual Inventory feature is to view the relevant Security Controls Help topics.