Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

how to effectively secure your VMware infrastructure?

Posted on 2014-11-07
1
271 Views
Last Modified: 2014-11-08
Hello Experts,

Can someone please summarize all high level steps to secure your VMware infrastructure?

Please consider all aspects, Vcenter, hosts, VMs, root users, switches, datastore, AD, and so on

Thanks in advance
0
Comment
Question by:Jerry Seinfield
1 Comment
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40429478
All the passwords that we use on the Hosts and vCenter Server are very secure, 20 chars, upper, lower case, numbers and special chars.

SSH is disabled on the Hosts.

Hosts are part of Active Directory, root access is limited to three users.

Access to vCenter Server is limited to a group of VMware Admins, which are not Domain Admins.

We networks, for Desktops, Servers, Storage (iSCSI and NFS).

We use CHAP Auth on iSCSI.

NFS Exports are limited to Host IP Addresses.

Storage is on a dedicated Physical Storage Network which hosts are physically connected to, for iSCSI and NFS, so storage does not transverse the Server or Desktop network.

So we are secure.

We are on the latest patches, all Servers are running Windows Firewall as defined by Group Policy.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Upload an ISO image to a VMware datastore for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere Host Client, and checking its MD5 checksum signature is correct.  It's a good idea to compare checksums, because many installat…
Teach the user how to convert virtaul disk file formats and how to rename virtual machine files on datastores. Open vSphere Web Client: Review VM disk settings: Migrate VM to new datastore with a thick provisioned (lazy zeroed) disk format: Rename a…
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question