You configure a syslog server and configure backups for vCenter Server from the vCenter Server Appliance Management Interface.

Procedure

  1. In a Web browser, log in to the vCenter Server Management Interface.​

    Setting

    Value

    URL

    https:///vcenter-server-fqdn:5480

    User name​

    [email protected]

  2. VMW-VC-01218 Configure the appliance to send logs to a central log server.
    1. In the left pane, click Syslog.
    2. Click Configure, configure the address and port of a site-specific syslog aggregator or SIEM with the appropriate protocol, and click Save.
      Note:

      UDP is discouraged due to it's stateless and unencrypted nature. TLS is recommended.

  3. VMW-VC-01220 The vCenter Server configuration must be backed up on a regular basis.
    1. In the left pane, click Backup and click Configure or Edit for an existing configuration.
    2. Enter site-specific information for the backup job.
    3. Ensure that the schedule is set to Daily and click Create.
  4. VMW-VC-01250 Limit access to vCenter Server by restricting SSH.
    1. In the left pane, click Access and click Edit.
    2. Deactivate the Enable SSH login toggle and click OK.
  5. In a Web browser, log in to the vCenter Server Management Interface.​

    Setting

    Value

    URL

    https:///vcenter-server-fqdn:5480

    User name​

    root

  6. VMW-VC-01255 Ensure password expiration for the root user is correct.
    1. In the left pane, click Administration and click Edit under Password Expriation Settings.
    2. Set Password Validity (days) to 9999 and Email for expiration warning to your own email address and click SAVE.
      Note:

      Configure SMTP on vCenter Server to recieve the notification of expiration warning.