1. Segregation of duties: assign the appropriate security roles and permissions for access to your VC, ESX hosts and VM guests.
2. Audit, secure and lock down the VC database.
3. Disable direct 'root' logins on each of your ESX servers.
4. Ensure that the ESX firewall is enabled and configured correctly; disable ports that are not required.
5. Ensure you have adequate logging enabled, and enable remote logging to a syslog server.
6. Assess the security of each VM based on its function and network location, e.g. email, DMZ. Apply security measures appropriate for the zone it is in.
7. Make sure that the ESX host and all VM guests are patched to the latest levels.
8. Apply the same basic security controls to your VMs as you would in the physical world, e.g. AV.
9. Segment network access within your vSwitches and apply all security measures, such as disabling promiscuous mode.
10. Regularly audit and assess the security configuration of your virtual environment.
