In response to Gabes article on default installation settings there are some things I personally almost always do different and I wanted to point them out. Consider them my recommendations / best practices and not necessary VMware’s. I’ve added two (*) and have a different opinion on some of Gabe’s best practices (-)
- Although COS memory is “dynamic” I still always increase it to the full 800. The overhead of this in most of the servers(usually always 48GB+) is tiny. (-)
- Hostnames in lowercase characters; to avoid any HA issues. (*)
- I never change the name of the Service console portgroup, people are used to this name changing it leads to confusion in most cases and it is a critical part of your host. (-)
- Avoid using agents within the Service Console. (*)
- Mac address changes: Reject (-)
A best practice recommended by VMware PSO to ensure that when someone changes a MAC within the OS all inbound packets are dropped.
- Forged Transmit: Reject (-)
Setting Forged Transmits to reject ensures that the originator of the packet is validated. Any outbound frame with a MAC address that is different from the one currently set on the adapter will be dropped. Again a best practice recommended by VMware PSO.