Solved

how to effectively secure your VMware infrastructure?

Posted on 2014-11-07
1
275 Views
Last Modified: 2014-11-08
Hello Experts,

Can someone please summarize all high level steps to secure your VMware infrastructure?

Please consider all aspects, Vcenter, hosts, VMs, root users, switches, datastore, AD, and so on

Thanks in advance
0
Comment
Question by:Jerry Seinfield
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40429478
All the passwords that we use on the Hosts and vCenter Server are very secure, 20 chars, upper, lower case, numbers and special chars.

SSH is disabled on the Hosts.

Hosts are part of Active Directory, root access is limited to three users.

Access to vCenter Server is limited to a group of VMware Admins, which are not Domain Admins.

We networks, for Desktops, Servers, Storage (iSCSI and NFS).

We use CHAP Auth on iSCSI.

NFS Exports are limited to Host IP Addresses.

Storage is on a dedicated Physical Storage Network which hosts are physically connected to, for iSCSI and NFS, so storage does not transverse the Server or Desktop network.

So we are secure.

We are on the latest patches, all Servers are running Windows Firewall as defined by Group Policy.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will learn how to backup a VMware farm using Nakivo Backup & Replication. In this tutorial we will install the software on a Windows 2012 R2 Server.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question