Security and Compliance Configuration for VMware Cloud Foundation provides general guidance and step-by-step configuration for securing the management domain of a VMware Cloud Foundation instance towards compliance with the NIST 800-53 standard.

Legal Disclaimer:

This document is intended to provide general guidance for organizations that are considering VMware solutions to help them address compliance requirements. The information contained in this document is for educational and informational purposes only. This document is not intended to provide regulatory advice and is provided “AS IS”. VMware makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein. Organizations should engage appropriate legal, business, technical, and audit expertise within their specific organization for review of regulatory compliance requirements.

Intended Audience

Security and Compliance Configuration for VMware Cloud Foundation is intended for cloud architects, infrastructure administrators, and cloud administrators who are familiar with and want to use VMware software to secure and work towards compliance.

Required VMware Software

The Security and Compliance Configuration for VMware Cloud Foundation documentation is compliant and with certain product versions. See VMware Cloud Foundation Release Notes for more information about supported product versions.

Update History

This Security and Compliance Configuration for VMware Cloud Foundation is updated with each release of the product or when necessary.

Revision

Description

11 MAY 2021

vSAN encryption added to the document.

13 APR 2021

  • Added a new section Security Configurations for Further Evaluation in the NSX-T Data Center best practices.

  • NSX-T Distributed Firewall configurations are now clarified.

  • ESXi login as root configuration added.

16 MAR 2021

Initial release.