2012 VMware vSphere Security Hardening Guide: Best Practices

Let’s talk VMware security. Is your ESXi root password still “password”, or even better “password1”?

I’ve seen a lot of weird and cool passwords, but passwords are just one form of security. Today while surfing Twitter I ran into a tweet by @VMware and thought it would be good to write this post about it.

“VMware 5.0 Security Hardening Guide Released – Official Guide” June 01, 2012

The first thing that came to my mind was – hasn’t ESXi 5.0 already been out 6 months? Just asking…

When I downloaded the file (HardeningGuide-vSphere50-v1.0), I found it was an Excel file with several tabs: Intro, VM, ESXi, vNetwork and vCenter.

Each tab consisted of pretty good information which I will not go into because I have linked to the file and you can download it for yourself.

The guide covers security hardening pretty well, but what about security best practices?

3 Security Best Practices to Make VMware More Secure

1. iLO and Virtual Connect

Something else I would like to note is that this file covers hardening VMware, but security best practices also cover hardening access to your physical servers, storage and network equipment, whether via direct access to the data center or through a remote management console such as iLO and Virtual Connect (HP). Hackers don’t have to log into VMs, ESXi or vCenter to cause an outage or problems.

2. Think of vCenter as your DC

Another best practice that I have always found difficult is limiting access to your vCenter. This has gotten harder to do because more and more IT departments are required to let everyone provision their own VMs (they say it’s Agile), and if you do not have vCloud Director or another form of self-service portal, good luck keeping things secure. Think of vCenter as your DC: do you let just anyone walk in there?

3. Automation Service Accounts

You also have to be aware that the service account being used by any automation can also be used by hackers – keep these account names and passwords locked away, but available in case the person that created it decides one day to quit and then you are SOL.

This concludes this post on VMware Security Hardening and Best Practices. If you have any feedback or suggestions, we would like to hear them; please comment below.
