SANS ISC: VMware vSphere Hardening Guide Draft posted for public review

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

VMware announces the first draft of the vSphere Hardening Guide, posted for public comment.  A worthy successor to the current VMware Hardening Guide, it contains over 100 guidelines, split into the following sections:

    * Introduction
    * Virtual Machines
    * Host
    * vNetwork
    * vCenter
    * Console OS (for ESX)

Aside from the versioning difference, this newer version of the guide uses a standardized format, and has severity levels for each security recommendation.  The Hardening Guide can certainly be used as-is for production environments today, but we can expect changes over the next while in response to comments to the posted draft.  While reviewing the draft, you'll see that most guidelines are worded to be "script friendly", which is very nice to see.

The announcement can be found here ==> http://blogs.vmware.com/security/2010/01/announcing-vsphere-40-hardening-guide-public-draft-release.html

The actual hardening guides can be found here ==> http://communities.vmware.com/community/vmtn/general/security?view=documents

Again, each document has a comments form, the authors are actively seeking constructive comments on these documents before going to a final version.

=============== Rob VandenBrink Metafore =================