Hi, I would like to know the best practice to secure an ESX server. Does we need to do something when put the server in production like a secure to do list?
Thanks
have a look at this:
http://www.yellow-bricks.com/2010/01/26/draft-version-of-the-vsphere-security-hardening-guide-availa...
and this:
http://www.yellow-bricks.com/2010/02/08/vsphere-security-hardening-guide-script-by-lamw/
See also:
http://communities.vmware.com/docs/DOC-12306
Based off the best the VMware document and very similar is the CIS benchmark.
They just recently updated it for ESX v4.x
https://www.cisecurity.org/tools2/vm/CIS_VMware_ESX_Server_4_Benchmark_v1.0.0.pdf
