Follow all best practices for securing a vCenter Server system to secure your vCenter Server Appliance. Additional steps help you make your appliance more secure.

Configure NTP

Ensure that all systems use the same relative time source. This time source must be in sync with an agreed-upon time standard such as Coordinated Universal Time (UTC). Synchronized systems are essential for certificate validation. NTP also makes it easier to track an intruder in log files. Incorrect time settings make it difficult to inspect and correlate log files to detect attacks, and make auditing inaccurate. See Synchronize the Time in the vCenter Server Appliance with an NTP Server.
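The effect of an unsynchronized clock on log correlation, shown as an added example that is not part of the VMware documentation. The host names, log lines and measured clock offsets are constructed, and the one-second tolerance is an assumption.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample events (not real vCenter or ESXi output):
# (host, timestamp as written by that host's own clock, message)
EVENTS = [
    ("vcsa01", "2024-05-01T10:00:05+00:00", "session created for user admin"),
    ("esx01",  "2024-05-01T10:00:01+00:00", "VM reconfigured by user admin"),
    ("esx02",  "2024-05-01T10:00:09+00:00", "VM powered off by user admin"),
]

# Assumed measurements: host clock minus reference clock, in seconds.
# esx01 runs seven seconds slow because it is not synchronized.
OFFSETS = {"vcsa01": 0.2, "esx01": -7.0, "esx02": 0.1}

MAX_SKEW = 1.0  # assumed tolerance in seconds before a host is reported


def skewed_hosts(offsets, max_skew=MAX_SKEW):
    """Return the hosts whose clock error exceeds the tolerance."""
    return sorted(h for h, off in offsets.items() if abs(off) > max_skew)


def timeline(events, offsets=None):
    """Merge events from all hosts into one UTC-ordered timeline.

    With offsets=None the timestamps are trusted as written. With offsets,
    each timestamp is corrected by that host's measured clock error first.
    """
    rows = []
    for host, stamp, message in events:
        ts = datetime.fromisoformat(stamp).astimezone(timezone.utc)
        if offsets is not None:
            ts -= timedelta(seconds=offsets[host])
        rows.append((ts, host, message))
    return sorted(rows)


if __name__ == "__main__":
    print("Hosts outside tolerance:", skewed_hosts(OFFSETS))
    for label, rows in (("as logged", timeline(EVENTS)),
                        ("corrected", timeline(EVENTS, OFFSETS))):
        print(f"\nTimeline {label}:")
        for ts, host, message in rows:
            print(f"  {ts.isoformat()}  {host:<7} {message}")
```

As logged, the reconfiguration on esx01 appears to precede the session that performed it. After correction the session comes first, which is the ordering an investigator needs.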

Restrict vCenter Server Appliance network access

Restrict access to only those components that are required to communicate with the vCenter Server Appliance. Blocking access from unnecessary systems reduces the potential for attacks on the operating system. See Required Ports for vCenter Server and Platform Services Controller and Additional vCenter Server TCP and UDP Ports. Follow the guidelines in VMware KB article 2047585 to set up your environment with firewall settings that are compliant with the DISA STIG.