Dear All,
We recently had Vmware health check assessment in our environment. In the report we got one observation as, "Following virtual machines have isolation settings which are not disabled" and for that Recommendation is "As a security enhancement, disabled certain unexposed features"
Please see attached screen shot from report pages, I am unable to find if this is really needed or not,
- please share your experiences what is the priority for this and it must be done or not? If not required what is the justification
- In case we want to do this how this can be done and this requires the virtual machine to be off state, or can be done Live ?
- While doing research for this I still unable to find from where to actually disable those settings in a virtual machine is this from GUI, please share
Esxi in use is 5.0 Update2
waiting for response,
Kind Regards,
I would ask for more information regarding these recommendations to bring clarity on the point. To me is sounds like they are talking about the host isolation address?
See attached URL for changing the security settings;
Security Considerations for Configuring VMware Tools
Additional information;
Auditors like this need to make some sort of recommendation to make you feel like you got your money's worth. If they can't find a useful recommendation, they will make ones like this.
Edit: and to prove my point, the screenshot actually says: "The functionality governed by these vectors is not exposed in ESXi". In other words, they are security issues that don't exist.
Message was edited by: Josh26