When implementing virtualization technology, organizations must ensure that they can continue to maintain a secure environment and meet their compliance obligations. To do so, you will have to evaluate risks that might affect protected information and mitigate those risks through risk-appropriate standards, processes, and best practices.
This set of documents provides guidance on how to securely deploy VMware vSphere 4.1 (“vSphere”) in a production environment. The focus is on initial configuration of the virtualization infrastructure layer, which covers the following:
- The virtualization hosts (both VMware ESX® 4 and VMware ESXi™ 4)
Configuration of the virtual machine container (NOT hardening of the guest operating system (OS) or any applications running within) - Configuration of the virtual networking infrastructure, including the management and storage networks as well as the virtual switch (but NOT security of the virtual machine’s network)
- VMware vCenter™ Server, its database and client components
VMware Update Manager (included because the regular update and patching of the ESX/ESXi hosts and the virtual machine containers are essential to maintaining the security of the environment)