Looking to have a connection to multiple vCenters and tied to a single site. We have several of them :). From looking at docs, looks like there is a restriction of a single vSphere connection per site.
Would I need to configure a single site for each vCenter, then use an Asset Group to combine all discovered assets ?
I’m looking to consolidate all assets into a single site or a variety based on criteria but it looks like only a single site can contain a single vSphere connection.
Would be curious how others handle this.
The approach you defined is what would be recommended. Mostly for the situation that if assets in different Vcenters ever need to be scanned at different times or cadence fo scanning. I’ve had customer do it this way most of the time to give flexibility around external limitations around where those vcenters reside or different scanning requirements based on resource availability etc.
You also have the option to filter further when the connection is set up in a site and being used based on data gathered such as “DataCenter”, “Cluster”, “Resource Pool” etc. https://docs.rapid7.com/insightvm/initiating-dynamic-discovery#initiating-dynamic-discovery
Assets can only be put into one asset group after a scan has been run on systems, so if you are looking to only report on all assets in all VCenters, you can always put them all in one asset group or choose multiple sites or individual for reporting purposes. With increase in number of Vcenters, the number of connections and sites will go up, but will help keep things in order and easy to track down later.
Thanks for the confirmation. I’m ‘still’ learning R7 and what it can do. I was a vCenter admin for years prior so that world is second nature. It’s how best to report based on some environmental things, prod, pre-prod among other criteria. I’ll play around a little bit and see what works best. Thanks for confirmation.