I was trying to find some documentation around the metrics monitored by the VMware Aria Operations Compliance Pack for HIPAA. Since VMware is now including the management pack as a native solution as of vRealize Operations 8.1 I wasn’t able to find allot of documentation around it so I exported the symptoms monitored.
Here is a list of the symptoms from version 8.10
HIPAA 164.312(c)(1) - Integrity - NTP time synchronization service is not configured on the host
HIPAA 164.312(a)(1) - Access Control - Count of maximum failed login attempts is nto set
HIPAA 164.312(c)(1) - Integrity - launchmenu feature is enabled
HIPAA 164.312(c)(1) - Integrity - Unity taskbar feature is enabled
HIPAA 164.312(c)(1) - Integrity - Shellaction is enabled
HIPAA 164.312(c)(1) - Integrity - Independent nonpersistent disks are being used
HIPAA 164.312(a)(1) - Access Control - Default setting for intra-VM TPS is incorrect
HIPAA 164.312(c)(1) - Integrity - NTP Server is not configured to startup with the host
HIPAA 164.312(a)(1) - Access Control - Dvfilter network APIs is nto configured to prevent unintended use
HIPAA 164.312(a)(1) - Access Control - HGFS file transfers are enabled
HIPAA 164.312(b) - Audit Control - Persistent logging is not configured for ESXi host
HIPAA 164.312(c)(1) - Integrity - Toprequest feature is enabled
HIPAA 164.312(b) - Audit Control - Remote logging for ESXi hosts is not configured
HIPAA 164.312(c)(1) - Integrity - PCI pass through device is configured on the virtual machine
HIPAA 164.312(c)(1) - Integrity - Bios Boot Specification feature is enabled
HIPAA 164.312(a)(1) - Access Control - Timeout to automatically terminate idle sessions is not configured
HIPAA 164.312(a)(1) - Access Control - Access to VM console is not controlled via VNC protocol
HIPAA 164.312(a)(1) - Access Control - VIX messages are enabled on the VM
HIPAA 164.312(c)(1) - Integrity - Protocolhandler feature is enabled
HIPAA 164.312(a)(1) - Access Control - Copy/paste operations are enabled
HIPAA 164.312(c)(1) - Integrity - Tray icon feature is enabled
HIPAA 164.312(a)(1) - Access Control - GUI Copy/paste operations are enabled
HIPAA 164.312(c)(1) - Integrity - version get feature is enabled
HIPAA 164.312(c)(1) - Integrity - Informational messages from the VM to the VMX file are not limited
HIPAA 164.312(a)(1) - Access Control - Timeout value for DCUI is not configured
HIPAA 164.312(a)(1) - Access Control - Guests can recieve host information
HIPAA 164.312(c)(1) - Integrity - Users and processes without privileges can remove, connect and modify devices
HIPAA 164.312(c)(1) - Integrity - NTP time synchronization server is not configured
HIPAA 164.312(c)(1) - Integrity - Unity active feature is enabled
HIPAA 164.312(c)(1) - Integrity - Autologon feature is enabled
HIPAA 164.312(a)(1) - Access Control - drag-n-drop - Copy/paste operations are enabled
HIPAA 164.312(c)(1) - Integrity - Intra VM Transparent Page Sharing is Enabled
HIPAA 164.312(c)(1) - Integrity - GetCreds feature is enabled
HIPAA 164.312(a)(1) - Access Control - Time after which a locked account is automatically unlocked is not configured
HIPAA 164.312(c)(1) - Integrity - Versionset feature is enabled
HIPAA 164.312(a)(1) - Access Control - Auto install of tools is enabled
HIPAA 164.312(a)(1) - Access Control - Access to DCUI is not set to allow trusted users to override lockdown mode
HIPAA 164.312(a)(1) - Access Control - Access to VMs are not controlled through dvfilter network APIs
HIPAA 164.312(a)(1) - Access Control - Copy/paste operations are enabled
HIPAA 164.312(a)(1) - Access Control - Managed Object Browser (MOB) is enabled
HIPAA 164.312(c)(1) - Integrity - Trash folder state is enabled
HIPAA 164.312(c)(1) - Integrity - Unity feature is enabled
HIPAA 164.312(a)(1) - Access Control - Timeout is not set for the ESXi Shell and SSH services
HIPAA 164.312(c)(1) - Integrity - Image Profile and VIB Acceptance Levels are not configured to desired level
HIPAA 164.312(c)(1) - Integrity - Firewall is not configured for NTP service
HIPAA 164.312(c)(1) - Integrity - Unity push feature is enabled
HIPAA 164.312(c)(1) - Integrity - Users and processes without privileges can connect devices
HIPAA 164.312(c)(1) - Integrity - Memsfss feature is enabled
HIPAA 164.312(c)(1) - Integrity - Unity Interlock is enabled
HIPAA 164.312(c)(1) - Integrity - Unity window contents is enabled
HIPAA 164.312(e)(1) - Transmission Security - NFC on the vCenter is not configured for SSL
HIPAA 164.312(e)(1) - Transmission Security - Restrict port-level configuration overrides on VDS
HIPAA 164.312(c)(1) - Integrity - Virtual disk shrinking wiper is enabled
HIPAA 164.312(c)(1) - Integrity - Virtual disk shrinking is enabled
HIPAA 164.312(e)(1) - Transmission Security - The Forged Transmits policy is not set to reject
HIPAA 164.312(e)(1) - Transmission Security - MAC Address Changes policy is set to reject
HIPAA 164.312(e)(1) - Transmission Security - SNMP Server is running on the host
HIPAA 164.312(e)(1) - Transmission Security - The Promiscuous Mode policy is not set to reject
HIPAA 164.312(d) - Person or Entity Authentication - Active directory is not used for local user authentication
HIPAA 164.312(e)(1) - Transmission Security - Host firewall is not configured to restrict access
HIPAA 164.312(e)(1) - Transmission Security - BPDU filter is not enabled on the host
HIPAA 164.312(e)(1) - Transmission Security - The MAC Address Changes policy is not set to reject
HIPAA 164.312(d) - Person or Entity Authentication - Password policy for password complexity is not set
HIPAA 164.312(e)(1) - Transmission Security - VDS network healthcheck for Teaming Health Check is enabled
HIPAA 164.312(d) - Person or Entity Authentication - Bidirection CHAP auhtentication is not enabled
HIPAA 164.312(e)(1) - Transmission Security - Forged Transmits policy is set to reject
HIPAA 164.312(e)(1) - Transmission Security - Promiscuous Mode policy is configured to reject