Whitepaper: VMware Infrastructure 3 Security Hardening

VMware published a basic but interesting 19-pages security guide for ESX Server 3.x and VirtualCenter 2.x. It covers hardening of virtual machine, service console, ESX host and VirtualCenter machine:

By introducing a layer of abstraction between the physical hardware and virtualized systems running IT services, virtualization technology provides a powerful means to deliver cost savings via server consolidation as well as increased operational efficiency and flexibility. However, the added functionality introduces a virtualization layer that itself becomes a potential avenue of attack for the virtual services being hosted. Because a single host system can house multiple virtual machines, the security of that host becomes even more important. Any security breach on that system can have a far greater effect on your environment.

Because it is based on a light-weight, kernel optimized for virtualization, VMware ESX Server is less susceptible to viruses and other problems that affect general-purpose operating systems. However, ESX Server is not impervious to attack, and you should take proper measures to harden it, as well as the VMware VirtualCenter management server, against malicious activity or unintended damage. This paper provides recommendations for steps you can take to ensure that your VMware Infrastructure 3 environment is properly secured.

Read the whole paper at source.