VMware Cloud Community
defrogger
Enthusiast
Enthusiast
Jump to solution

Vmware Tools upgrade is it necessary for Security

Hello, Im taking over a VMware Environment that is running a good handful of Linux VM's.  We are currently running VMware 5.1 update 3 on all the hosts.

Im not a Linux guy and im going to have to start learning more about Linux, but I noticed allot of the VM's here that have Linux, either don't have VMware tools installed or are out of date.  Its a mixture of Red Hat Enterprise 6, SUSE Linux 11, CentOS 4/5/6/7, and Ubuntu.

My first concern is Security, from a Security standpoint should I be getting these Linux VM's updated with the latest VMware Tools, or for that matter getting it installed on them?

From a functionality standpoint im told the VM's are running fine. 

Thanks

Mike

1 Solution

Accepted Solutions
RMahon1990
Enthusiast
Enthusiast
Jump to solution

Hi Defrogger,

I have a few Linux VMs in my environment and I have VMware tools installed, Its always good to keep them up to date.

They also provide the necessary drivers for the VM Client to interact with the ESXi host reliably. This interface also allows the ESXi host to be able to check on the health of the VM client while it is operating.


Here is a link below to help you install vmware tools on linux servers


VMware Tools for Linux Guests


Rob

View solution in original post

Reply
0 Kudos
4 Replies
JarryG
Expert
Expert
Jump to solution

If security is your main concern, the best option is not to have vmware-tools installed at all. First it needs modular kernel with auto-loading (which can be quite dangerous feature), and moreover it insists on some strange options in kernel-sources being activated (i.e. direct graphics rendering).

If you can live without clean shutdown from vmware-client ability (you can still use "suspend" instead, which is maybe even better), there is no reason to have tools installed. Driver for vmxnet3 is included in kernel-tree already for some time...

_____________________________________________ If you found my answer useful please do *not* mark it as "correct" or "helpful". It is hard to pretend being noob with all those points! 😉
RMahon1990
Enthusiast
Enthusiast
Jump to solution

Hi Defrogger,

I have a few Linux VMs in my environment and I have VMware tools installed, Its always good to keep them up to date.

They also provide the necessary drivers for the VM Client to interact with the ESXi host reliably. This interface also allows the ESXi host to be able to check on the health of the VM client while it is operating.


Here is a link below to help you install vmware tools on linux servers


VMware Tools for Linux Guests


Rob

Reply
0 Kudos
bykreddy
Enthusiast
Enthusiast
Jump to solution

Hi,

As far as security is concerned VMtools are no way related to the security of the VM ( Linux server)

VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine. Without VMware Tools installed in your guest operating system, guest performance lacks important functionality. Installing VMware Tools eliminates or improves these issues:

  • Low video resolution
  • Inadequate color depth
  • Incorrect display of network speed
  • Restricted movement of the mouse
  • Inability to copy and paste and drag-and-drop files
  • Missing sound
  • Provides the ability to take quiesced snapshots of the guest OS
  • Synchronizes the time in the guest operating system with the time on the host
  • Provides support for guest-bound calls created with the VMware VIX API

VMware Tools includes these components:

  • VMware Tools service
  • VMware device drivers
  • VMware user process
  • VMware Tools control panel

.

Regards, Yash - If you found this or any other answer helpful, please consider the use of the Helpful or Correct buttons to award points.
defrogger
Enthusiast
Enthusiast
Jump to solution

Thanks everyone for the info.  Ill check out the link for installing vmware tools in Linux, that will definitly be helpful.

So ill start by just upgrading the ones that already have vmware tools installed and need upgrading.

From what it sounds like from a Security standpoint i dont need to be in a rush to update things.