Solved

how to effectively secure your VMware infrastructure?

Posted on 2014-11-07
1
267 Views
Last Modified: 2014-11-08
Hello Experts,

Can someone please summarize all high level steps to secure your VMware infrastructure?

Please consider all aspects, Vcenter, hosts, VMs, root users, switches, datastore, AD, and so on

Thanks in advance
0
Comment
Question by:Jerry Seinfield
1 Comment
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40429478
All the passwords that we use on the Hosts and vCenter Server are very secure, 20 chars, upper, lower case, numbers and special chars.

SSH is disabled on the Hosts.

Hosts are part of Active Directory, root access is limited to three users.

Access to vCenter Server is limited to a group of VMware Admins, which are not Domain Admins.

We networks, for Desktops, Servers, Storage (iSCSI and NFS).

We use CHAP Auth on iSCSI.

NFS Exports are limited to Host IP Addresses.

Storage is on a dedicated Physical Storage Network which hosts are physically connected to, for iSCSI and NFS, so storage does not transverse the Server or Desktop network.

So we are secure.

We are on the latest patches, all Servers are running Windows Firewall as defined by Group Policy.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
HOW TO: Upload an ISO image to a VMware datastore for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere Host Client, and checking its MD5 checksum signature is correct.  It's a good idea to compare checksums, because many installat…
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question