The service provider and system administrators are responsible for the security of each vCloud Director server group.

Securing a vCloud Director server group from outside attackers, requires you to take the kinds of defensive measures common to all Web-based services, including securing HTTPS endpoints with signed certificates and placing a Web Application Firewall between the system and the Internet. In addiiotn, you must be sure to configure the services on which vCloud Director depends, including the RabbitMQ AMQP broker and an optional Apache Cassandra database, in a way that minimizes opportunities for external actors to compromise these systems.