Default value for the parameter isolation.device.c...

borjaglez · ‎03-26-2015

I am checking configuration files following the vsphere 5.5 hardening guide.

I have checked the vmx file of a virtual machine, and I don't find the line isolation.device.connectable.disable = TRUE. Is the default value TRUE? or the lack of this line in the vmx file means that the parameter is set to FALSE?. I have seen in the hardening guide that the desired value is not the default value, but at the same time I find in the Knowledge base of vmware, that by default this functionality is disabled.

Thanks a lot

admin · ‎03-26-2015

I don't know specifically for that setting, but it's not unusual for advanced settings to be unspecified in the vmx file, you actually have to add the setting to override the default behavior. So I'd say there's nothing strange in what you're seeing.

borjaglez · ‎03-27-2015

Thanks for the answer. I am writing a script to analyze vmx files belonging to many virtual machines, in order to have a report about security weaknesses. I need to know if the lack of the parameters means a vulnerability or not, but I guess that the best is always to define the desired value on the vmx file.

All

Default value for the parameter isolation.device.connectable.disable