RE: VMWare ESX security

["Donal Byrne" <donal.byrne () wexits com>]

To be honest there is not much to secure provided you set the High Security
option after install. Once that has been done then it is really group and
user management and file permissions that you need to worry about. If you
use Virtual Center then it will manage User/Groups. You could check out the
tips on the trivore website (http://trivore.com/vmware/esx25.html#links) for
some things to consider. One other thing I have done in high security
environments is to put the COS into an Out of Band Network or High Security
VLAN in order to limit access to it. 
Also you can use ip restrictions at the MUI by editing the MUI httpd.conf
and using allow/deny directives. This is a pain to admin though as with any
major upgrade the httpd.conf gets overwritten so you need to keep copies of
the previous confs handy.

HTH
DB 

-----Original Message-----
From: Kedar Dhuru [mailto:kedar.security () gmail com] 
Sent: 04 June 2006 17:39
To: security-basics () lists securityfocus com
Subject: VMWare ESX security

Does anyone know of any security template or any security policy for
deploying the VMWare ESX server in an enterprise environment?
Kedar