Solved

how to effectively secure your VMware infrastructure?

Posted on 2014-11-07
1
279 Views
Last Modified: 2014-11-08
Hello Experts,

Can someone please summarize all high level steps to secure your VMware infrastructure?

Please consider all aspects, Vcenter, hosts, VMs, root users, switches, datastore, AD, and so on

Thanks in advance
0
Comment
Question by:Jerry Seinfield
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 121

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40429478
All the passwords that we use on the Hosts and vCenter Server are very secure, 20 chars, upper, lower case, numbers and special chars.

SSH is disabled on the Hosts.

Hosts are part of Active Directory, root access is limited to three users.

Access to vCenter Server is limited to a group of VMware Admins, which are not Domain Admins.

We networks, for Desktops, Servers, Storage (iSCSI and NFS).

We use CHAP Auth on iSCSI.

NFS Exports are limited to Host IP Addresses.

Storage is on a dedicated Physical Storage Network which hosts are physically connected to, for iSCSI and NFS, so storage does not transverse the Server or Desktop network.

So we are secure.

We are on the latest patches, all Servers are running Windows Firewall as defined by Group Policy.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question