Re: Enhancing ESXi Host Security Against Ransomwar...

Punkgeek · ‎10-23-2023

Hello,

I have an ESXi host with a public IP address, and it is connected to the vCenter via the public IP address. Given that I am unable to move the ESXi into a private network, I'm considering using VMware NSX DFW to enhance its security against ransomware. Would this solution suffice?

Regards,

jeffersonc47 · ‎10-26-2023

The NSX DFW can't do firewalling of ESXi host vmk interfaces. However, there is a firewall native to ESXi that you can use - https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-8912DD42-C6EA-429....

Punkgeek · ‎10-26-2023

Thank you for your response.

Is it safe enough to only limit IP addresses in the ESXi firewall?

Enhancing ESXi Host Security Against Ransomware with VMware NSX DFW