Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

vpshere device management checks

Posted on 2012-04-13
8
317 Views
Last Modified: 2012-04-13
The vsphere compliance checker checks for some issues around “devices”, specifically:

•      Ensure unauthorised devices are not connected

•      Prevent unauthorised removal connection and modification of devices

1)      For starters, what is the definition of “unauthorised device”, and when they say “connected”, connected to what?

2)      Who could (what permissions would they need) connect an unauthorised device?

3)      What is the overall risk in connecting an unauthorised device?

4)      How does this setting prevent this, and who is it preventing?

5)      When they refer to “removal” or “modification”, can you explain what they mean, and their definition of device?

6)      What is the overall risk in removing or modifying a device? Who could do it? And how does this setting prevent such?
0
Comment
Question by:pma111
  • 5
  • 3
8 Comments
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 37841767
floppy drive, cdrom drive or USB devices to the VM.

then you have the same issues, as a physical computer, letting users copy data to floppy drive, cdrom drive or USB devices, which could result in the stealing of data.
0
 
LVL 119
ID: 37841772
1. floppy drive, cdrom drive or USB devices to the VM.

2. VMware Administrators as defined by vCenter.

3. Stealing Data

4. Remove all devices from the VM

5. Remove or Add a floppy drive, cdrom drive or USB plug and play

6. VMware Administrators
0
 
LVL 3

Author Comment

by:pma111
ID: 37841789
Is there any valid case whereby a VM would need a CD ROM, USB drive etc?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 119
ID: 37841810
Yes, install software?
0
 
LVL 3

Author Comment

by:pma111
ID: 37841833
So in such cases youd have to lift the policy setting to allow them to do so, and then reapply it after?
0
 
LVL 119
ID: 37841844
if you need to add a cdrom.
0
 
LVL 3

Author Comment

by:pma111
ID: 37841933
Is that the only way they could steal data from within vcenter, i.e. by adding a device like CD ROM?
0
 
LVL 119
ID: 37842154
vCenter allows the addition of devices.

you cannot steal data, other than copy and paste from the console, but you cannot copy and paste files.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When converting a physical machine to a virtual machine using VMware vCenter Converter Standalone or vCenter Converter Enterprise, if an adapter type is not selected during the initial customization the resulting virtual machine may contain an IDE d…
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question