Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 275
  • Last Modified:

unauthorised devices connected

1, the vmware compliance checker flags it as an issue if unauthorised hardware are attached to a host (i.e. USB, floppy, IDLE, SERIAL etc), but what is the risk? Why would there be USB drives, IDLE, SERIAL etc drives attached to hosts? Surely its only admins who could access whatevers on them anyway, so I dont really see how this is a security issue? Normal domain users wouldnt be able to access drives attached to hosts would they?

2, Also - what determines which guests on a host can access the drive youve plugged in to a host? Say I have a host with 10 guests, and plug in a USB thumb drive, can all guests access this drive, or if not how do you determine which.
0
pma111
Asked:
pma111
  • 2
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
1. Does your company have a data theft policy?

An Administrator, which has been paid off to steal data, could easily add a small USB device, connect to the host, and steal data!

this is how easy it is todo!

HOW TO: Add and Connect a USB Device to a Virtual Machine, hosted on VMware vSphere Hypervisor ESX 4.1 ESXi 4.1, ESXi 5.0

It really depends, how your Security in your organization, I know of plenty of clients, that prohibits the connection of USB flash drives to Desktop computers!

Normally hosts are in a secure area, e.g. the datacentre, or machine room, users are not normally allow in. But an Administrator with a hidden agenda, could steal VMs or data easily.

Not all Risks in the Compliance Checker, are possibly going to be Risks for your organization, but some organizations, they are applicable.

You need to make an assessment, as to how Risky, they are to you.

2. Yes, if configured to, see above!
0
 
pma111Author Commented:
How can you get a report of what devices are currently attached to each host? Is the compliance checker also going to report on drives in the host itself, i.e. internal hard disc drives.

I assume accessing what info is on these drives is not typically do-able over the network by basic users, i.e. youd need admin level access to the guest to do so?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
The Compliance checker, will confirm if devices can be connected to the VM.

Administrator access is required to access the virtual machine disks.

The vSphere Security Hardening Script can report if a VM is connected to a device.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now