Securing virtual machines
For the most part, virtual machines should be secured in the same way as a physical server. Ensure that anti-virus and patches are kept up to date. Disable anything that is unnecessary on the virtual machine. For example, if serial ports or the floppy drive are not in use for a virtual machine, disable those interfaces or remove those devices. Unused interfaces could potentially be used for direct access to a virtual machine. Ideally, these configurations are made once on a virtual machine that is converted to a template, thereby reducing the risk of misconfiguration.
There are several advanced configurations that can be made to help harden the virtual machines. To do so:
- Navigate to a virtual machine in the inventory using the vSphere Web Client.
- Right-click on the virtual machine and select Edit Settings… :
- Click on the VM Options tab and expand VMware Remote Console Options.
- Modify the VMware Remote Console Options as needed:
- Guest OS lock: This setting specifies...
