Hi,
Attached is the beta release of the vSphere 5.5 Update 1 Hardening Guide.
There are 4 new additions to the guide. Please review.
1. enable-VGA-Only-Mode: Used for server VM's that don't need a graphical console. e.g. Linux web servers, Windows Core, etc.
2. disable-non-essential-3D-features: Remove 3D graphic capabilities from VM's that don't need them
3. use-unique-roles: A new companion control to use-service-accounts. If you have multiple service accounts then each one should have a unique role with just enough privs to accomplish their task. This is in line with least-priv operations
4. change-sso-admin-password: A great catch. When installing Windows vCenter, you're prompted to change the password of administrator@vsphere.local. When installing the VCSA in a default manner you are not. This control reminds you to go back and do that.
The rest are formatting, spelling, clarification, etc..
I had considered removing "disable-datastore-browser" and "disable-mob". I'm holding off at the moment on those. I think they add more trouble than they protect. Feedback on these two would be GREATLY appreciated.
Your feedback is key. I really do listen! 
The intent is for this to GA in one week. The GA of the hardening guide will be reflected in the latest updates from the VCM team as well.
mike
Yup, seen it and totally get the need and wish we had something just like that.
However, I'm looking for something that helps me generate the content that something like that could consume. I've looked at a ton of "solutions" and nothing seems to meet the requirements without significant coding/customization. Things I just don't have the cycles for, unfortunately, primarily because creating the content is taking so much bloody time.
mike
