VMware vSphere

 View Only

  • 1.  vSphere ESXi and vCenter Hardening Guide

    Posted Jul 28, 2020 03:21 AM

    Hi, I'm working on the ESXi & vCenter hardening and is seeking for some guides. CIS Benchmark only has list for ESXi, and I found hardening guide for vSphere on VMWare website here.

    But there are some confusions, as I Googled, vSphere is a software suite that includes ESXi and vCenter, does it means I can use the guide above to perform hardening for both ESXi and vCenter?

    I'm not sure whether my understand is correct (e.g. there are top forums for vSphere VS vCenter here), any help/clarification would be much appreciated.



  • 2.  RE: vSphere ESXi and vCenter Hardening Guide
    Best Answer

    Broadcom Employee
    Posted Jul 28, 2020 04:16 AM

    Hi

    Security hardening document will cover most of the topics in securing your vSphere environment --> Security Hardening Guides - VMware Security | IN

    For enhancing security on vCenter, you can refer following document --> vCenter Server Security Best Practices



  • 3.  RE: vSphere ESXi and vCenter Hardening Guide

    Posted Jul 29, 2020 06:19 AM

    Hi, sorry, but do you mean I can use the Hardening Security Guide for both ESXi and vCenter?



  • 4.  RE: vSphere ESXi and vCenter Hardening Guide

    Broadcom Employee
    Posted Jul 29, 2020 08:10 AM

    Yes. It has some parameters which requires changes in vCenter, however most of the configurations are related to ESXi an VMs. For additional information related to securing vCenter, please refer the second link vCenter Server Security Best Practices

    Hope that helps



  • 5.  RE: vSphere ESXi and vCenter Hardening Guide

    Posted Jul 29, 2020 02:44 PM

    nlks

    You can look at :

    STIGs Document Library – DoD Cyber Exchange and search "vmware".

    I also recommend to use https://www.runecast.com/ with already built-in options to verify if you are in compliance with STIG, CIS, PCI DSS, ...