Follow ESXi security best practices to ensure the integrity of your vSphere deployment. For additional information, see the Hardening Guide.
- Verify installation media
- Always check the SHA1 hash after downloading an ISO, offline bundle, or patch to ensure integrity and authenticity of the downloaded files. If you obtain physical media from VMware and the security seal is broken, return the software to VMware for a replacement.
- After downloading media, use the MD5 sum value to verify the integrity of the download. Compare the MD5 sum output with the value posted on the VMware Web site. Each operating system has a different method and tool for checking MD5 sum values. For Linux, use the "md5sum" command. For Microsoft Windows, you can download an add-on product
- Check CRLs manually
- By default, an ESXi host does not support CRL checking. You must search for and remove revoked certificates manually. These certificates are typically custom generated certificates from a corporate CA or a third-party CA. Many corporations use scripts to find and replace revoked SSL certificates on ESXi hosts.
- Monitor the ESX Admins Active Directory group
- The Active Directory group used by vSphere is defined by the plugins.hostsvc.esxAdminsGroup advanced system setting. By default this option is set to ESX Admins. All members of the ESX Admins group are granted full administrative access to all ESXi hosts in the domain. Monitor Active Directory for the creation of this group and limit membership to highly trusted users and groups.
- Monitor configuration files
- ESXi configuration settings are controlled with an API, but a limited number of configuration files affect the host directly. These files are exposed through the vSphere file transfer API, which uses HTTPS. If you make changes to these files, you must also perform the corresponding administrative action, such as making a configuration change.
  Note: Do not attempt to monitor files that are NOT exposed via this file-transfer API.
- Use vmkfstools to erase sensitive data
- When you delete a VMDK file with sensitive data, shut down or stop the virtual machine, and then issue the vCLI command vmkfstools --writezeros on that file. You can then delete the file from the datastore.
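
For the "Monitor the ESX Admins Active Directory group" item above, the following added example (not VMware code) reviews parsed Windows Security log records for creation of the group named by plugins.hostsvc.esxAdminsGroup and for members added to it. The dictionary keys, the allowlist entry and the sample records are assumptions constructed for illustration; the event IDs are the standard Windows audit IDs for security group creation and member addition.

```python
"""Added example: flag Security-log events touching the ESXi admins AD group."""

WATCHED_GROUP = "ESX Admins"              # default of plugins.hostsvc.esxAdminsGroup
APPROVED_MEMBERS = {"CORP\\vsphere-ops"}  # hypothetical allowlist (assumption)

# Windows Security audit event IDs for security-enabled groups
GROUP_CREATED = {4727, 4731, 4754}  # global, local, universal group created
MEMBER_ADDED = {4728, 4732, 4756}   # member added to global, local, universal group


def review_events(events, group=WATCHED_GROUP, approved=APPROVED_MEMBERS):
    """Return (severity, message) findings for events naming the watched group."""
    approved_ci = {m.casefold() for m in approved}
    findings = []
    for ev in events:
        # AD group names are case-insensitive, so compare casefolded.
        if ev.get("group", "").strip().casefold() != group.casefold():
            continue
        when, actor = ev.get("time", "?"), ev.get("actor", "?")
        if ev.get("event_id") in GROUP_CREATED:
            findings.append(("high", f"{when} group '{ev['group']}' created by {actor}"))
        elif ev.get("event_id") in MEMBER_ADDED:
            member = ev.get("member", "?")
            ok = member.casefold() in approved_ci
            findings.append(("info" if ok else "high",
                             f"{when} {member} added to '{ev['group']}' by {actor}"))
    return findings


# Constructed sample records; the dict keys are assumed names for parsed log fields.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T09:12:03Z", "event_id": 4728, "group": "Domain Users",
     "member": "CORP\\jdoe", "actor": "CORP\\hr-sync"},
    {"time": "2024-05-01T22:40:10Z", "event_id": 4727, "group": "ESX Admins",
     "actor": "CORP\\helpdesk7"},
    {"time": "2024-05-01T22:40:31Z", "event_id": 4728, "group": "esx admins",
     "member": "CORP\\helpdesk7", "actor": "CORP\\helpdesk7"},
    {"time": "2024-05-02T08:00:00Z", "event_id": 4728, "group": "ESX Admins",
     "member": "CORP\\vsphere-ops", "actor": "CORP\\ad-admin"},
]

if __name__ == "__main__":
    for severity, message in review_events(SAMPLE_EVENTS):
        print(f"[{severity}] {message}")
```

If the advanced setting has been changed from its default, pass the configured group name as the `group` argument so the check follows the host configuration.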