vCenter Server and ESXi Security Best Practices and Resources

If you follow best practices, your ESXi hosts and vCenter Server systems can be as secure as or even more secure than an environment that does not include virtualization.

This manual includes best practices for the different components of your vSphere infrastructure. This manual is only one of the sources you must use to ensure a secure environment.

vSphere Security Resources

To learn more about specific aspects of vSphere security, use the following content in this manual.

Table 1. Security Best Practices
vSphere component	Resource
ESXi host	Securing ESXi Hosts
vCenter Server system	Securing vCenter Server Systems
Virtual machine	Virtual Machine Security Best Practices
vSphere Networking	vSphere Networking Security Best Practices

VMware Security Resources on the Web

VMware security resources, including security alerts and downloads, are available on the Web.

Table 2. VMware Security Resources on the Web
Topic	Resource
Information about ESXi and vCenter Server security and operations, including secure configuration and hypervisor security.	https://core.vmware.com/security
Corporate security response policy	http://www.vmware.com/support/policies/security_response.html VMware is committed to helping you maintain a secure environment. Security issues are corrected in a timely manner. The VMware Security Response Policy states our commitment to resolve possible vulnerabilities in our products.
Third-party software support policy	https://www.vmware.com/resources/compatibility/search.php VMware supports a variety of storage systems, software agents such as backup agents, system management agents, and so forth. You can find lists of agents, tools, and other software that support ESXi in the ESXi compatibility guides. The industry offers more products and configurations than VMware can test. If VMware does not list a product or configuration in a compatibility guide, Technical Support attempts to help you with any problems, but cannot guarantee that the product or configuration can be used. Always evaluate security risks for unsupported products or configurations carefully.
Compliance and security standards, and partner solutions and in-depth content about virtualization and compliance	https://core.vmware.com/compliance
Security configuration guides (formerly known as hardening guides) for different versions of vSphere and other VMware products.	https://core.vmware.com/security-configuration-guide