2012 VMware vSphere Security Hardening Guide: Best Practices

Let’s talk VMware security. Is your ESXi root password still “password”, or even better “password1”?

I’ve seen a lot of weird and cool passwords, but passwords are just one form of security. Today while surfing Twitter I ran into a tweet by @VMware and thought it would be good to write this post about it.

“VMware 5.0 Security Hardening Guide Released – Official Guide” June 01, 2012

The first thing that came to my mind was – hasn’t ESXi 5.0 already been out 6 months? Just asking…

When I downloaded the file (HardeningGuide-vSphere50-v1.0), I found it was an Excel file with several tabs: Intro, VM, ESXi, vNetwork and vCenter.

Each tab consisted of pretty good information which I will not go into because I have linked to the file and you can download it for yourself.

The guide covers security hardening pretty well, but what about security best practices?

3 Security Best Practices to Make VMware More Secure

1. iLO and Virtual Connect

Something else I would like to note is that this file covers hardening VMware, but security best practices also cover hardening access to your physical servers, storage and network equipment, whether that access is direct access to the data center or goes through a remote management console such as iLO and Virtual Connect (HP). Hackers don’t have to log into VMs, ESXi or vCenter to cause an outage or problems.

2. Think of vCenter as your DC

Another best practice that I have always found difficult is limiting access to your vCenter. This has gotten harder to do because more and more IT departments are required to let everyone provision their own VMs (they say it’s Agile), and if you do not have vCloud Director or another form of self-service portal, good luck keeping things secure. Think of vCenter as your DC: do you let just anyone walk in there?

3. Automation Service Accounts

You also have to be aware that the service account used by any automation can also be used by hackers. Keep these account names and passwords locked away, but available, because if the person who created them decides one day to quit, you are SOL.

This concludes this post on VMware Security Hardening and Best Practices. If you have any feedback or suggestions, we would like to hear them – please comment below.
