🔐 Check VMware ESXi Hosts for Ransomware Protection with PowerCLI


Cybersecurity threats, especially ransomware, are constantly evolving, so it’s important to regularly audit your ESXi hosts to ensure they have the proper protections enabled. Today I want to share a simple but effective PowerCLI script, Get-RansomwareProtectionStatus, that quickly checks your VMware hosts for important ransomware-related security configurations.

🚀 What This Script Does
This script focuses on three key settings that enhance protection against ransomware on your ESXi hosts:

  • Encryption Mode: Checks whether TPM-based encryption is active.
  • Secure Boot Enforcement: Confirms Secure Boot is enabled.
  • Exec-Installed-Only Mode (Configured & Runtime): Ensures only binaries from installed VMware VIB packages can execute.

Having these settings properly configured greatly reduces the risk of unauthorized code execution—exactly what you want to fight ransomware!

🔧 How to Use the Script

Here’s how simple it is. First connect to your vCenter and then run a script.

.\Get-RansomwareProtectionStatus.ps1 <HOST>

It generates a clear, colored summary, instantly telling you what’s secure and what needs your attention.

.\Get-RansomwareProtectionStatus.ps1 fs-vsan-05.int.dc5.cz

Green means you’re good; red ? You’ve got work to do! Look to the official documentation:

ESXi 8.0 – https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/vsphere-security-8-0/securing-esxi-hosts/securing-the-esxi-configuration/managing-a-secure-esxi-configuration.html

ESX 9.0 – https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/9-0/vsphere-security/securing-esxi-hosts/securing-the-esxi-configuration/managing-a-secure-esxi-configuration.html

🛠️ Customize and Automate It

You can integrate this script into your monitoring routines, run it on multiple hosts with automation tools like Ansible Semaphore or GitLab CI, or even schedule regular audits.

Pro Tip: Save your reports to a file or push results directly to your monitoring dashboard to track security over time!

📦 Get the Script

Check out the script in my GitHub repo [link here] and let me know your thoughts! Direct link to script [here]

Feel free to comment or ping me on social media if you’ve enhanced it further or found a creative use case. Stay secure! 🛡️

vDefend is now a part of VMUG Advantage

vDefend is now a part of VMUG Advantage

A home lab is an engineer’s paradise – offering a safe space to experiment, troubleshoot, and master new technologies at their own pace. VMware by Broadcom supports this method of hands-on learning, and now, with VMUG Advantage, membership benefits now include access to the VMware vDefend license.


Broadcom Social Media Advocacy

VMUG Webcast: Unlocking the Power of VCF:…

Register to join this two-part in-depth #VMUG webinar exploring the latest innovations in #VCF, with Broadcom Product Marketing Engineers: Dimitri Desmidt, Eric Gray, Feidhlim O’Leary, Kyle Gleed, Pete Koehler and Puneet Chawla. July 1 and July 8.

VMUG Webcast: Unlocking the Power of VCF:…

Join Part II of this in-depth webinar exploring the latest innovations in VCF, with Broadcom Product Marketing Engineers: Dimitri Desmidt, Eric Gray, Feidhlim O’Leary, Kyle Gleed, Pete Koehler and Puneet Chawla.


Broadcom Social Media Advocacy

Deploying VCF 9 in a Minilab _ fojta.wordpress.com

Deploying VCF 9 in a Minilab _ fojta.wordpress.com

Recently released VCF 9 combines vSphere 9, NSX 9, new Lifecycle and Operational tooling via VCF Operations, Fleet Management and Logs and with brand new fully multitenant cloud management platform VCF Automation. Is it possible to run all that in a home minilab consisting of just 2 GMKtec K8 […]


Broadcom Social Media Advocacy

Use Cases for VMware Private AI Foundation with…

Use Cases for VMware Private AI Foundation with…

In this blog, with the release of VMware Cloud Foundation (VCF) 9.0, we explore three separate technical use-cases for VMware Private AI Foundation with NVIDIA. We show some of the high-level steps to achieve these use cases and give the rationale behind each one. Use Case 1: Models as a […]


Broadcom Social Media Advocacy

Step by Step vCenter Server 9.0 Installation with Screenshots

In this post, I’ll walk you through the installation step by step, with screenshots for every important click along the way. Whether you’re setting up a lab or preparing for production, these pictures will make sure you don’t miss a thing. Let’s dive in!

Mount ISO image and run installer

Deploy new vCenter Server

Check “I accept the terms of the license agreement.”

Fill the ESXi host DNS name/IP or vCenter DNS/IP + credentials.

Accept the certificate

Provide a new vCenter VM Name and root password.

Choose deployment size based on your environment.

Pick datastore where the new vCenter will be deployed.

Fill all the netwok details.

Final review before deployment.

Deployment in progress

Stage 2

choose “Setup”

Continue with Stage 2

Fill vCenter configuration, DNS servers, NTP’s, Allow/disallow SSH access.

Create new or join existing SSO domain.

Configure CEIP

Review

Warning as after this point there is no way back.

Stage 2 deployment and configuration

Stage 2 progress

Stage 2 completed. Click on the link…

Accept SSL certificate as the initial SSL certificate is self-signed.

vCenter Web page

Login to the vCenter WebUI client

Welcome to your new vCenter 9.0

vCenter 9 in dark mode