Contributor
Contributor

vSphere Hardening

I have recently downloaded the vSphere hardening guide for 5.5 and looking for guidance on how to deploy to multiple servers. The guide outlines a long list of configurations to apply but this can be a daunting task if you have several hosts.

Is it possible to script the changes? Does anyone have experience scripting them?

Thanks

0 Kudos
2 Replies
Leadership
Leadership

Hello,

To use the hardening guide please look at the first sheet and pick a risk profile. Once you do that apply the changes according to the profile. You cannot do all of them since some are profile specific and contradictory between profiles. Most sites will just stop at risk profile #3.

Yes you can script some of these elements, specifically 51 of the 57 VM changes using Perl or PowerShell depending on your desires. The others are still under investigation by many. However, there will be ones where you have to decide how to proceed before you do it.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XII: 2009-2020,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos
Immortal
Immortal

Texiwill i am for sure going to follow your link!

0 Kudos