Home > Blogs > VMware Security & Compliance Blog


vSphere 5.0 Security Hardening Guide Released

I would like to announce the official release of the vSphere 5.0 Security Hardening Guide.  This version represents a significant step in the evolution of this guide.  Based on feedback from customers and partners, the guide was re-structured from the ground up with the following key aspects:

  • The guide is being released exclusively in spreadsheet format.  Many of you have indicated that, although the accompanying text found in previous versions of the guide is interesting, the specific steps for assessment and remediation of the recommendations are really what matters.  Since people often end up putting the guide into spreadsheet format anyway, we figure we'd save you the trouble!
  • All guidelines have the same set of metadata, and a new standardized and extensible identification scheme.  This will enable customers to more readily adapt the guide to suit their particular environment by selecting the specific guidelines and fields that are of interest to them, and also help them in the generation of standard checklists and similar documents.
  • A primary goal for this guide was to enable greater automatability.  To this end, the guide includes both assessment and remediation commands for the three main vSphere CLIs: vSphere CLI (vCLI), ESXi Shell, and PowerCLI.  References have also been added to sections of the vSphere API documentation that relate to each specific guideline. 
  • The previous recommendation levels have been replaced by a system using Profiles. This is part of the move towards putting the guide into industry-standard format, a potential benefit that will be fully realized in the future.

The Introduction tab of the guide describes the new naming scheme, structure, recommendation levels, and other aspects of the guide in more detail.  Please read this tab first before diving into the rest of the guide, as it provides important context.

The vSphere 5.0 Security Hardening Guide has been posted to the VMware Communities in the "Security and Compliance” area, in the Documents tab.  Thanks to everyone who provided feedback on the Public Draft, and also to the team at VMware who contributed to this guide in many significant ways.

Charu Chaubal
Technical Marketing, Cloud Infrastructure 

This entry was posted in Uncategorized and tagged , , , on by .

About Charu Chaubal

Charu Chaubal is the Director of Technical Marketing for the Cloud Platform Business Unit at VMware, and runs the team that works on the vSphere product line. He has been at the company since 2006, and has been responsible for customer education and sales enablement for a wide range of datacenter technologies, such as hypervisor security, hyperconverged storage, and virtualization of data science applications. Previously, he worked at Sun Microsystems, where he had over 7 years experience with architecting distributed resource management and HPC infrastructure software solutions.

4 thoughts on “vSphere 5.0 Security Hardening Guide Released

  1. Pravin Goyal

    Super! It was much awaited.

  2. Mary

    Formatting the guide into spreadsheets is going to save so many people time and energy! Sounds like a great improvement. Profiles seem like a good idea for those who need this product for different reasons.

  3. Joe Sanchez

    Thanks for the file! A lot of good info covered in all the tabs.

  4. George@Web security solutions

    Quite some good information not forgetting that such a guide further helps the bigger community of people. Security should be put at utmost importance. Thanks a lot!

Comments are closed.