Security Basics mailing list archives
RE: VMWare ESX security
From: "Donal Byrne" <donal.byrne () wexits com>
Date: Wed, 7 Jun 2006 11:35:55 +0100
To be honest there is not much to secure provided you set the High Security option after install. Once that has been done then it is really group and user management and file permissions that you need to worry about. If you use Virtual Center then it will manage User/Groups. You could check out the tips on the trivore website (http://trivore.com/vmware/esx25.html#links) for some things to consider. One other thing I have done in high security environments is to put the COS into an Out of Band Network or High Security VLAN in order to limit access to it. Also you can use ip restrictions at the MUI by editing the MUI httpd.conf and using allow/deny directives. This is a pain to admin though as with any major upgrade the httpd.conf gets overwritten so you need to keep copies of the previous confs handy. HTH DB -----Original Message----- From: Kedar Dhuru [mailto:kedar.security () gmail com] Sent: 04 June 2006 17:39 To: security-basics () lists securityfocus com Subject: VMWare ESX security Does anyone know of any security template or any security policy for deploying the VMWare ESX server in an enterprise environment? Kedar
Current thread:
- VMWare ESX security Kedar Dhuru (Jun 05)
- RE: VMWare ESX security Donal Byrne (Jun 07)