VMware Cloud Community
BEN59
Contributor

VM compromise

Hi,

If a VM is compromised, which is using a production VLAN in a distributed switch hosted on an ESXi host, what is the worst impact that can happen in the VM environment?

Will the other VMs running in a different VLAN in the same distributed switch be affected? Will it cause any issue in the vCenter environment?

Accepted Solutions
diegodco31
Leadership

Hi

They will have no impact, as long as the other VLANs are in different portgroups.

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego

IRIX201110141
Champion

Worst case? You haven't patched your infrastructure against Spectre|2|NG, or have TPS global enabled on the Host, or one of the ways to breach out of the VM to the Host, like it was possible in the past.

Regards,

Joerg

Ardaneh
Enthusiast

Hi,

Using port security policies at port group level allows you to protect from certain behaviors that could compromise security.

For example, a hacker could gain unauthorized access by spoofing the virtual machine's MAC address. VMware recommends setting MAC Address Changes and Forged Transmits to “Reject” to help protect against attacks launched by a rogue guest operating system.

Set the Promiscuous Mode to “Reject” unless you want to monitor the traffic for network troubleshooting.

Anyhow, if one of your VMs is compromised, nothing would happen to the other VMs as long as they are in different portgroups.
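
The port group settings discussed in the last reply can be audited across every distributed port group. This is an added example, not part of the thread: it assumes VMware PowerCLI is installed and a `Connect-VIServer` session to the vCenter is already open, and the function name and allow-list parameter are hypothetical.

```powershell
# Added example: list distributed port groups whose security policy still
# accepts MAC address changes, forged transmits or promiscuous mode.
# Assumes an existing Connect-VIServer session (VMware PowerCLI).
function Get-WeakVDPortgroupPolicy {
    param(
        # Port groups where promiscuous mode is enabled on purpose, for
        # example for network troubleshooting. Names are operator-supplied.
        [string[]]$PromiscuousAllowList = @()
    )

    # Uplink port groups carry no VM traffic policy of interest here.
    Get-VDPortgroup | Where-Object { -not $_.IsUplink } | ForEach-Object {
        $pg  = $_
        $pol = $pg | Get-VDSecurityPolicy

        # In PowerCLI, $true means "Accept" and $false means "Reject".
        $findings = @()
        if ($pol.MacChanges)      { $findings += 'MacChanges=Accept' }
        if ($pol.ForgedTransmits) { $findings += 'ForgedTransmits=Accept' }
        if ($pol.AllowPromiscuous -and $pg.Name -notin $PromiscuousAllowList) {
            $findings += 'Promiscuous=Accept'
        }

        if ($findings) {
            [pscustomobject]@{
                Switch    = $pg.VDSwitch.Name
                Portgroup = $pg.Name
                Vlan      = "$($pg.VlanConfiguration)"
                Findings  = $findings -join ', '
                Policy    = $pol   # kept so the result can be piped to a fix
            }
        }
    }
}

# Report only: nothing is changed.
$weak = Get-WeakVDPortgroupPolicy
$weak | Select-Object Switch, Portgroup, Vlan, Findings | Format-Table -AutoSize

# Preview setting MAC Address Changes and Forged Transmits to Reject.
# Remove -WhatIf to apply. Promiscuous mode is left for manual review.
$weak | ForEach-Object {
    $_.Policy | Set-VDSecurityPolicy -MacChanges $false -ForgedTransmits $false -WhatIf
}
```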