Less than two months the popular Center for Internet Security (CIS) released first part of a new security benchmarking guide for virtual infrastructures.
This first part covered general security measures to take for enforcing guest operating systems.
Now the CIS released the second part, covering security measures to take with VMware ESX Server 3.0 in 70 pages.
Suggested hardening measures cover various topics, from NTP configuration to use of CHAP to connect iSCSI devices, passing by logging facility fine tuning and boot services minimization.
In its complex it’s a valuable document which will help ESX administrators until the new 3i architecture (which get rid of Red Hat based service console) will be deployed, but as always hardening procedures have an impact on any given environment. Customers which want to follow this guide should first ask VMware if they support the hardened ESX host.
Download both guides at the source.
Thanks to Christofer Hoff for the news.