Solved

VMX settings recommended by Hardening Guide not in vmx files

Posted on 2014-10-24
2
290 Views
Last Modified: 2014-10-24
I have something called the "vSphere 5.5 Security Hardening Guide" and it recommends that the following values be put into the individual Virtual Machine vmx files.

My question is: Why aren't these values in my current vms files at all?  It's not that I have to check to see if the values are set as recommended, but the settings themselves don't exist in the vmx files.

Can I just add them in?  Or is the fact that they are not there at all a problem?

Thanks.

The recommended settings:

isolation.tools.diskShrink.disable = "TRUE"
isolation.tools.diskWiper.disable = "TRUE"
vmci0.unrestricted = "FALSE"
isolation.device.connectable.disable = "TRUE"
RemoteDisplay.maxConnections = "2"
log.keepOld = "10"
log.rotateSize = "100000"
tools.setInfo.sizeLimit = "1048576"
0
Comment
Question by:gateguard
2 Comments
 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 40402288
They are never in the VMs by default, you need to add them, if these Risks apply to your Security and Governance at your organisations, go ahead and add them, they will cause no issues.

Make sure you shutdown the VM first, and enter them through the Advanced Settings.
0
 

Author Closing Comment

by:gateguard
ID: 40402298
Thank you, Andrew.  Much appreciated.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
Teach the user how to edit .vmx files to add advanced configuration options Open vSphere Web Client: Edit Settings for a VM: Choose VM Options -> Advanced: Add Configuration Parameters:
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now