Consider basic security recommendations when creating and configuring hosts and virtual machines. Synchronizing Clocks on the vSphere NetworkBefore you install vCenter Single Sign-On, install the vSphere Web Client, or deploy the vCenter Server Appliance, make sure that all machines on the vSphere network have their clocks synchronized. Securing iSCSI StorageThe storage you configure for a host might include one or more storage area networks (SANs) that use iSCSI. When you configure iSCSI on a host, you can take several measures to minimize security risks. Masking and Zoning SAN ResourcesYou can use zoning and LUN masking to segregate SAN activity and restrict access to storage devices. Control CIM-Based Hardware Monitoring Tool AccessThe Common Information Model (CIM) system provides an interface that enables hardware-level management from remote applications using a set of standard APIs. To ensure that the CIM interface is secure, provide only the minimum access necessary to these applications. If an application has been provisioned with a root or full administrator account and the application is compromised, the full virtual environment might be compromised. Verify That Sending Host Performance Data to Guests is DisabledvSphere includes virtual machine performance counters on Windows operating systems where VMware Tools is installed. Performance counters allow virtual machine owners to do accurate performance analysis within the guest operating system. By default, vSphere does not expose host information to the guest virtual machine.