Recent Posts

Logging USB devices plugged into ESXi

posted

  I just found an interesting question on an internal message board here in VMware. A customer was wondering if it was possible to disable USB ports at the ESXi level. They are a very security conscience organization and they want to block any opportunity for someone internally with malicious intent to plug in a Read more...

vSphere Hardening Guide 5.5 Update 1 Released!

posted

I’m happy to announce the general availability of the vSphere Hardening Guide for vSphere 5.5 Update 1. This has been a work in progress for a little while now and I’m glad to get it out there! There are 4 new additions to the guide. Please review. enable-VGA-Only-Mode: Used for server VM’s that don’t need Read more...

vSphere Hardening Guide 5.5 Update 1 Beta 2 released

posted

After a lot of great feedback from the community, here’s Beta 2.1 of the vSphere Hardening Guide for vSphere 5.5 Update 1. There were some editing mishaps (cut off cells in the Excel sheet) that have been fixed since the Beta 1 release. Also, all the *-no-self-signed-certs guidelines have been updated to be more in Read more...

vSphere Hardening Guide 5.5 Update 1 Beta released

posted

Hi everyone, It’s that time again! Actually, it’s the first time that I’m aware of that the vSphere hardening guide has been updated between major releases! Please head on over to the Security and Compliance VMware Community and download the beta of the vSphere 5.5 Update 1 Hardening Guide. This is a beta release of Read more...

What happened to that Hardening Guide setting?

posted

Hi! As usual, most of my blog posts come from customer or field questions. Here’s a new one crossed my path recently. A customer, running vSphere 5.1, was finding some anomalies within their VM’s. Their belief was that some of the vSphere Hardening Guide settings were causing it. When this was assigned to me, I Read more...

Can an admin peek inside my VM?

posted

A great question crossed my desk today from a customer. “Can a VI Admin who has root access to ESXi “abuse” their privileges and “peek” inside the guests of VM’s hosted on the server?” The short answer? If your ESXi admin has root or full administrator privileges, they can do anything. Nobody should be surprised Read more...

Security of the VMware Hypervisor – A Whitepaper

posted

Hi! I’m happy to announce the availability of a whitepaper that I had been working on much of the past year. Since I joined VMware back in January of 2013, an almost weekly request was for a whitepaper that help IT team explain the security of the VMware vSphere hypervisor, a.k.a. ESXi, to a security Read more...