Dear Team,
The following services are selected on the ESXi firewall. I just want to know which services are safe to stop, as we have an audit in our environment. I also want to know the detailed info related to these services.
regards
Mr Vmware
Well, it all depends on the needs of the environment your server is placed in.
For example, if you don't want users to meddle with SSH to the server, then you can stop SSH.
If NTP is not configured, then you can stop NTP.
N1KV* denotes the Cisco switch, so I wouldn't recommend stopping it if you are using Cisco N1K.
Do refer to the VMware Security Hardening Guides on the required services for ESXi to work and on securing them.
Hi
Welcome to communities.
DHCP client if you are not running a DHCP server, and NTP client if you are not using a global NTP server for synchronisation.
When you install ESXi 5 the firewall is enabled by default, with it only allowing the essential traffic, and denying the rest. You can manage the firewall using the vSphere client, or from the CLI.
In the vSphere client the firewall settings can be accessed from the Security Profile section of the Configuration tab:
By accessing the firewall properties you can see which ports are open and which services are started:
Clicking the ‘Firewall’ button will allow you to allow connections only from specific IP addresses/ranges:
You can choose how to start services by clicking on the services properties:
Clicking options will allow you to change how the service starts:
You have the following options for starting services:
Working with the firewall using the GUI is fairly straightforward, so for the rest of this post I'll focus on interacting with the ESXi firewall using the CLI.
With ESXi 5 the esxcfg-firewall command has been replaced by the esxcli network firewall command/namespace. You can list the current status of the firewall by running:
esxcli network firewall get
To enable and disable the firewall service we can use the following commands:
esxcli network firewall set --enabled false
esxcli network firewall set --enabled true
To list the current firewall rules you can run:
esxcli network firewall ruleset list
We can enable a rule by running:
esxcli network firewall ruleset set --enabled true --ruleset-id rulesetName
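
For the audit question that opened this thread, one way to compare the output of the ruleset list command against an approved list and print the disable commands for review. This is an added example, not part of any post above; the APPROVED list, the function names and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag enabled ESXi firewall rulesets that are not approved.
# APPROVED is a hypothetical site policy, not a VMware recommendation.
APPROVED="sshServer ntpClient dns vSphereClient"

# Constructed sample in the two-column layout (Name, Enabled) printed by
# "esxcli network firewall ruleset list".
sample_ruleset_list() {
cat <<'EOF'
Name                Enabled
------------------  -------
sshServer              true
sshClient             false
dhcp                   true
dns                    true
ntpClient             false
vSphereClient          true
CIMHttpServer          true
EOF
}

# Read a ruleset list on stdin; print each enabled ruleset that is not in
# $APPROVED. Header and separator lines never have "true" in column 2,
# so they are skipped by the same condition.
unapproved_enabled() {
    awk -v ok="$APPROVED" '
        BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) allow[a[i]] = 1 }
        $2 == "true" && !($1 in allow) { print $1 }
    '
}

# Print (do not execute) the disable command for each finding.
disable_commands() {
    unapproved_enabled | while read -r id; do
        echo "esxcli network firewall ruleset set --enabled false --ruleset-id $id"
    done
}

# Use live output on an ESXi host, otherwise fall back to the sample.
ruleset_source() {
    if command -v esxcli >/dev/null 2>&1; then
        esxcli network firewall ruleset list
    else
        sample_ruleset_list
    fi
}

ruleset_source | disable_commands
```

The commands are only printed so that each one can be checked against what the host actually needs before it is run.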