Understanding security profile services and lockdown mode
The built-in firewall of VMware ESXi is known as the security profile. It is the firewall for the entire host, including the management interface, but not for the virtual guest machines running on the host. We have already learnt how to configure the security profile firewall using vSphere Web Client and the command shell. To ensure central manageability, we can use a feature called lockdown mode through vCenter Server.
Lockdown mode
Lockdown mode restricts a host so that it can be accessed and operated by vCenter Server only, which enhances security. Only vpxuser has authentication permissions and can perform operations on the ESXi host directly.
In accordance with the latest vSphere 6.0 changes, I think it is necessary to add another sentence after this one:
With vSphere 6.0, it is also possible to specify a list of users that are eligible to access the Direct Console User Interface (DCUI). For this, the advanced setting DCUI.Access needs to be altered on the ESXi...
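
An audit of lockdown mode and DCUI.Access across all hosts, as an added example that is not from the original text. It assumes VMware PowerCLI with an existing Connect-VIServer session to vCenter Server; the allow-list $AllowedDcuiUsers and the function name Get-LockdownAudit are hypothetical.

```powershell
# Added example. Assumes VMware PowerCLI is loaded and Connect-VIServer
# has already been run against vCenter Server.

# Hypothetical allow-list of accounts expected in DCUI.Access (assumption).
$AllowedDcuiUsers = @('root')

function Get-LockdownAudit {
    param(
        [Parameter(Mandatory)] $VMHost,
        [string[]] $AllowedUsers = @('root')
    )

    # HostConfigInfo.lockdownMode (vSphere 6.0 and later) is one of
    # lockdownDisabled, lockdownNormal or lockdownStrict.
    $mode = [string]$VMHost.ExtensionData.Config.LockdownMode

    # DCUI.Access holds a comma-separated list of user names.
    $setting = Get-AdvancedSetting -Entity $VMHost -Name 'DCUI.Access'
    $users = @("$($setting.Value)" -split ',' |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ })

    # Accounts that may use the DCUI but are not on the allow-list.
    $unexpected = @($users | Where-Object { $_ -notin $AllowedUsers })

    $findings = @()
    if ($mode -eq 'lockdownDisabled') {
        $findings += 'lockdown mode is disabled'
    }
    if ($unexpected.Count -gt 0) {
        $findings += "unexpected DCUI.Access users: $($unexpected -join ', ')"
    }
    $summary = if ($findings) { $findings -join '; ' } else { 'none' }

    [pscustomobject]@{
        Host         = $VMHost.Name
        LockdownMode = $mode
        DcuiAccess   = $users -join ', '
        Findings     = $summary
    }
}

# Skip hosts vCenter Server cannot reach: their settings cannot be read.
Get-VMHost |
    Where-Object { $_.ConnectionState -in 'Connected', 'Maintenance' } |
    ForEach-Object { Get-LockdownAudit -VMHost $_ -AllowedUsers $AllowedDcuiUsers } |
    Format-Table -AutoSize
```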