Avatar of mamelas
mamelas
Flag for Greece asked on

Securing vSphere Datastores/Vmdks from Remote access

Hi there Experts,

I have recently joined vmware’s platform but my main concern now is the security of the VMs from a Remote Users Group.

From permissions perspective I have blocked the browse datastore, Low level file operations and I have also confirmed that take snapshot option and export to ovf file are disabled for the group of remote users.

Q1) Do I miss any other permission that I should block?

Q2) If a remote user uses his credentials to access the datastores via 3rd party software such
as WinSCP, will be able to eventually browse and copy the datastores??

Q3) Is there any auditing/logging while performing operations to the datastores/vmdks?
(such as for example download operations or export operations)

Q4) Assuming that someone has eventually downloaded the vmdks and
since a windows admin password does not actually protect the access to the files,
is there any native/built-in encryption to the vmdk files?

Thanks,
VMwareVirtualizationStorage

Avatar of undefined
Last Comment
mamelas

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Robin CM

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
mamelas

ASKER
Thank you so much for your accurate and in detail answers!
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy