Just entered my mailbox, there is a new rev of the vSphere 5.1 hardening guide which was spoken about on the last Virtualization Security Podcast. This version of the hardening guide adds a much needed new feature: Profiles. Profiles define the level of security requirements based on small and medium business, enterprises, and government agencies. There is a public review for the guide over the next two weeks, so if you want to comment or read the latest draft of the vSphere hardening guide please visit http://communities.vmware.com/docs/DOC-22783.

Given the introduction of profiles some of the security hardening suggestions have also been revised and updated to meet requirements of  your level of security. No longer do you need to practice draconian measures but can meet your existing requirements. Just map your requirements to the specific profile and follow that profile’s guidance.

All in all, this is a fairly major improvement in the hardening guide. There is more to do of course, regarding scope of the guide, but some of that falls into operational issues more than actual hardening of the environment. I still worry about the connections between components and eventually I expect the guidance to cover all these requirements.

Please remember that the lowest hanging fruit of virtualization security, regardless of hypervisor, is to protect your management constructs!

Share this Article:

Share Button
Edward Haletky (368 Posts)

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.

[All Papers/Publications...]

Connect with Edward Haletky:


p5rn7vb

Related Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *


8 × = forty eight