Last Updated: 2012-06-04 06:03:56 UTC
by Rob VandenBrink (Version: 1)
This past week (June 1) VMware has posted version 1.0 of it's vSphere 5.0 Hardening Guide. They've changed their approach from previous Hardening Guides, the current version is gridded out an Excel doc, with the benchmarks split out between those that apply to Virtual Machines, ESXi, Network and vCenter.
The thing I really like about this new version of the Hardening Guide is that it further emphasizes script-based assessments of as many of the benchmarks as possible. Examples of how to assess many of the benchmarks are supplied in vCLI, PowerCLI and direct shell scripting within ESXi.
This approach is near-and-dear to my heart, we spend an entire day on script based security assessments of vSphere ESX and ESXi environments in SANS SEC579 ( https://www.sans.org/security-training/virtualization-private-cloud-security-1651-mid )
You can find the vSphere 5.0 Hardening Guide here ==> http://communities.vmware.com/docs/DOC-19605
For assessing vSphere 4.1, the vSphere 4.1 Hardening Guide can be found here ==> http://communities.vmware.com/docs/DOC-15413
Thanks to Charu, his team and all the contributors to this great series of resources!