Public Draft (Revision A) of the vSphere 5.1 Security Hardening Guide available.
This is a Draft revision. The guidelines in the VM section underwent no change from 5.0 to 5.1, as the guidance has not changed. The guidelines for ESXi have undergone a preliminary test for correctness in vSphere 5.1. However, not all guidelines for vNetwork and vCenter have been tested. A "Draft Status" column is added to these two sections indicating test status for that guideline. "Tested" indicates that the steps in the "Assessment Procedure" field of the guideline have been verified for vSphere 5.1 in a live environment or through VMware documentation. If the assessment guidance is operational and non-specific, it is too generic to test, so status is N/A. The API and CLI fields have NOT been updated from the 5.0 version for any guideline in this revision.
A future draft revision will include guidance pertaining to SSO and the vCenter Server Virtual Appliance.
We welcome your comments on this draft.