Does VMware suggest that the guidelines in the DISA STIG for file permissions and such not be applied to an ESXi server? I understand there is no console as such for ESXi but if I were to use VMware technical support and access the hidden console would VMware recommend making those changes on an ESXi server. Or is it just a waste of time to make these changes because ESXi is secure?
VMware provides a Hardening Guide for ESX 3.5 at http://www.vmware.com/resources/techresources/726
I don't remember seeing the DISA file system settings in there, but that doesn't mean they aren't there. I would assume VMware would simply say to enable Lockdown mode.
-Justin
If your already running vSphere checkout the ESXi specific sections in the VMware vSphere 4.0 Security Hardening Guide located here.
regards,
EH