I have not tried GPU pass through, I do use it for a NIC card with 2 NICs. When you do pass through, you can not take a snapshot of that VM, I have to power the VM down to use Veeam. We rarely have to do that, the system is only doing Blue Iris. Rarely changes.
I think you would have to do port forwarding unless you can do SSL directly into the ESXi system. The rules for doing port forwarding are very simple. Never do port forwarding. Well, maybe if you PF to a router that has an openVPN server in it.
If you are not going to provide SSL access, probably Team Viewer or some such is best. Although I have tested same, I have never used it in production. We have hardware firewalls with SSL VPN servers and static public IP addresses. That is kind of old school. I guess it depends on how paranoid you are. I have cleaned up after 3 successful ransomeware attacks at clients. Well, 4 if you count a "honeypot".
Backup/Restore: If you are running the free license, I think there are some backup scripts floating around that work. Since we are "paid", we use Veeam. I see people enabling SSH and using secure FTP to copy files. You can always use the OS backup, stuff like Acronis or like. Run it just like on hardware.
you would be better off taking your ESXi questions to the ESXi forum since this is WS. I do run WS with all the same security choices as the ESXi servers on my development system (Linux). Same hardware firewall.
Lou
