VMware’s hardening guides as well as other guides from the likes of DISA and CIS are all well and good but how practical are they?

Not every recommendation should be implemented as it may not be appropriate for your business.  Like everything with security there will always be a trade off in terms of the risk you are willing to take versus the day to day reality and practicality of operations. Having said that you have to start somewhere and these guides are a good basis for implementing security checks whatever your environment may be.  The clever part is implementing what these guides recommend within your environment in the most practical and sensible way. (more…)