I have seen DOD baselines, CIS standards and other but they all seem to be somewhat outdated. Does anyone have ESX/ESXi security standards they want to share? Trying to gather information on this topic and who better to ask but this community. Any help is appreciated!
The only vSphere Guidance out there at the moment is to follow the guidance for ESX 3.5. There are several groups working on 'projects' around this, such as VMware, CIS, DISA, but nothing is final or available.
Keep using the guidance for 3.5 and you are a leg up. Most of that guidance will not change.
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009
Virtualization Practice Analyst[/url]
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
[url=http://www.astroarch.com/wiki/index.php/Blog_Roll]SearchVMware Pro[/url]|Blue Gears[/url]|Top Virtualization Security Links[/url]|
[url=http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast]Virtualization Security Round Table Podcast[/url]