Solved

how to effectively secure your VMware infrastructure?

Posted on 2014-11-07
1
272 Views
Last Modified: 2014-11-08
Hello Experts,

Can someone please summarize all high level steps to secure your VMware infrastructure?

Please consider all aspects, Vcenter, hosts, VMs, root users, switches, datastore, AD, and so on

Thanks in advance
0
Comment
Question by:Jerry Seinfield
1 Comment
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40429478
All the passwords that we use on the Hosts and vCenter Server are very secure, 20 chars, upper, lower case, numbers and special chars.

SSH is disabled on the Hosts.

Hosts are part of Active Directory, root access is limited to three users.

Access to vCenter Server is limited to a group of VMware Admins, which are not Domain Admins.

We networks, for Desktops, Servers, Storage (iSCSI and NFS).

We use CHAP Auth on iSCSI.

NFS Exports are limited to Host IP Addresses.

Storage is on a dedicated Physical Storage Network which hosts are physically connected to, for iSCSI and NFS, so storage does not transverse the Server or Desktop network.

So we are secure.

We are on the latest patches, all Servers are running Windows Firewall as defined by Group Policy.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CPU issues on VMHOST and child VMs 10 87
VMware 6.0 client integration plugin not working 2 72
VAAI  technology 2 57
chef or Puppet - Devops career 8 30
If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Teach the user how to edit .vmx files to add advanced configuration options Open vSphere Web Client: Edit Settings for a VM: Choose VM Options -> Advanced: Add Configuration Parameters:
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question