VMware vSphere Security Hardening Guide

The VMware vSphere Security Hardening Guide is an Excel document provided by VMware that lists more than 150 recommendations to systems administrators to further secure their vSphere environment.

The guide covers areas the hardware, management tools and hypervisors that make up vSphere, such as ESXi hosts, the virtual network, and the core vCenter components, including vCenter Server, the vSphere Web Client, SSO and vSphere Update Manager.

The guide shows the administrator how to make the changes and whether there is a potentially negative impact. Most of the spreadsheet does not require administrators to make changes but to ensure that default values stay the same. Different organizations have different compliance regulations that dictate how secure a hypervisor needs to be.

VMware attaches a "risk profile" column to each guideline to indicate the relative increase in security if the guidelines are enacted. Environments with strict security rules should follow the recommendations for risk profile 1. Environments with sensitive information or compliances would follow risk profile 2. Most, if not all, environments would follow the recommendations for risk profile 3.

This was last updated in May 2015

Continue Reading About VMware vSphere Security Hardening Guide

Dig Deeper on VMware ESXi, vSphere and vCenter