Introduction
Security requirements of the virtual environment are a critical part of the vSphere design. If components of the virtual datacenter are compromised, a great deal of damage can be done, from powering off virtual machines to accessing sensitive data and impacting business process by disrupting or deleting virtual resources. To identify security requirements, there are a few questions the datacenter architect should ask, and these include the following:
- What users require access? What resources should be available to users? Administrators, users, auditors, and so on.
- Do resources require physical separation to ensure security?
- Which resources should be separated? For example, separating DMZ resources from internal production resources: is it okay to share storage between DMZ and internal production resources? What about compute?
- Are there compliance policies, for example, Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry (PCI) policies, which the...