VMware Cloud Community
lakey81
Enthusiast
Enthusiast
‎08-15-2013 06:32 AM

isolation.monitor.control.disable

In the hardening guide it wants you to enable this setting on VMs but also states the negative impact as "This configuration option may cause unexpected results, the virtual machine will be completely unaware that it is running in a virtualized setting.  VMware tools will not install or function.".

Has anyone enabled this and seen those results?  Breaking vmware tools doesn't seem like a good option to me!

0 Kudos
2 Replies
vmroyale
Immortal
Immortal
‎08-15-2013 09:01 AM

Note: Discussion successfully moved from VMware ESXi 5 to Security and Compliance

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com
0 Kudos
Digitalman
Contributor
Contributor
‎04-10-2014 02:29 AM

I was concerned about this setting as well, but I haven't been able to show that it breaks anything.

I set this parameter with PowerCLI, and verified its presence in the Web Client. A full shutdown / start of the VM came back up with the tools reporting as still functional and my VM console working as expected. VMTools was reporting as running in my VM with no reported errors. I verified that Tools was indeed processing on startup (as it did throw three expected errors for other parameters I'd disabled: HGFS and Unity)

My settings were as follows:

VM: Windows Server 2008 R2

VM HW Version: 8

vCenter 5.5

ESXi 5.5 1474528

Tools: v9344

Hope this helps!

0 Kudos