Can anyone put the risk of not setting the policy for "forged transmits" and "promiscuos mode" to reject into management freindly speak. In terms of if this policy is NOT set to reject, whats the risk in terms of data security/availablity/other, and the likelehood that this issue could be exploited, and by whom? Its in the hardening guides with some commentry on the risk, and the compliance checkers raise it as an issue, but its not all that clear on the exact risk and likelehood of that risk being exploited/occuring, and what ultimately could happen if the risk was exploited (managers usually go on performance/data security to take note of such issues).
How much of an issue is this in your vmware expert opinions? High risk, medium, low, hardly an issue at all?