VMware published the draft version of the vSphere Security Hardening Guide. Keep in mind that it’s still draft and needs tweaking. The Team needs your feedback, so if you have any comments please don’t hesitate to reach out and leave a comment on the community forums.
Overall, there are more than 100 guidelines. The guide itself is split into the following major sections:
- vSphere 4.0 Security Hardening Guide: COS (Rev B)
- vSphere 4.0 Security Hardening Guide: vCenter (Rev B)
- vSphere 4.0 Security Hardening Guide: vNetwork (Rev B)
- vSphere 4.0 Security Hardening Guide: Host (Rev B)
- vSphere 4.0 Security Hardening Guide: Virtual Machines (Rev B)
- vSphere 4.0 Security Hardening Guide: Introduction (Rev B)
Please bare in mind the following:
Another new aspect of the guide is the desire to create it with input from the VMware community. This draft is available for public comment for a period of approximately one month. VMware’s intention is to incorporate public feedback into the next revision of the guide, which will be the final version. However, this current revision is the result of a private review of an initial draft, and so we believe that the final version will not differ too significantly. This revision can therefore be used for customer production deployments today, with the caveat that some new guidelines might be added and some existing ones slightly modified.
Thanks Charu for posting these! They contain really valuable info.