Trying to satisfy an auditor . . .
Right now I have an ESXi (free license) server with a Windows 2008 R2 server running on it (local hard drives). If that entire server is stolen, what can I say about the security? How can the VMFS be accessed? Can another ESXi server just read the VMFS or does that server somehow need access granted? (That's also a good question for disaster recovery.)
Right now the guest is set to autostart. Would it actually help to set it to manual startup? My theory: if the VMFS/datastores are completely secure (are they encrypted? is it possible to encrypt?) it's meaningless if the guest isn't secure from the network, as the ESXi server can boot up and load the guest automatically. You can hack on the server from the network for as long as you like. BUT if it's set to manual startup, then they have to have username/password access to the ESXi server in order to even boot the guest. I just have to make sure I don't cut my arm off, I think (Active Directory authentication but you can't authenticate because the server is down but you can't boot the server because of manual startup . . .)
I've read through several VMware documents related to security and certification. I just want to be certain of my answers in the almost "worst case" scenario of a completely intact system stolen -- so the bad guys have all kinds of time to try and hack it. (Worst case scenario would be stolen with the UPS so the system remains powered on.)