Hi, I'm working on the ESXi & vCenter hardening and is seeking for some guides. CIS Benchmark only has list for ESXi, and I found hardening guide for vSphere on VMWare website here.
But there are some confusions, as I Googled, vSphere is a software suite that includes ESXi and vCenter, does it means I can use the guide above to perform hardening for both ESXi and vCenter?
I'm not sure whether my understand is correct (e.g. there are top forums for vSphere VS vCenter here), any help/clarification would be much appreciated.
Hi
Security hardening document will cover most of the topics in securing your vSphere environment --> Security Hardening Guides - VMware Security | IN
For enhancing security on vCenter, you can refer following document --> vCenter Server Security Best Practices
Hi
Security hardening document will cover most of the topics in securing your vSphere environment --> Security Hardening Guides - VMware Security | IN
For enhancing security on vCenter, you can refer following document --> vCenter Server Security Best Practices
Hi, sorry, but do you mean I can use the Hardening Security Guide for both ESXi and vCenter?
Yes. It has some parameters which requires changes in vCenter, however most of the configurations are related to ESXi an VMs. For additional information related to securing vCenter, please refer the second link vCenter Server Security Best Practices
Hope that helps
nlks
You can look at :
STIGs Document Library – DoD Cyber Exchange and search "vmware".
I also recommend to use https://www.runecast.com/ with already built-in options to verify if you are in compliance with STIG, CIS, PCI DSS, ...