Securing ESXi
There are other aspects of ESXi security besides users, groups, and roles. Many of them are related to network security, such as firewall and the SSL certificates, and the ability to access hosts remotely.
These network-related security features just mentioned will be discussed in the later sections of this chapter.
Using a firewall
The primary objective of a firewall is to control the network traffic by analyzing it and making a decision whether this traffic should be allowed or blocked.
When it comes to a virtual environment, firewalls can be implemented in the following components:
Physical machines: A firewall can be used between physical machines, such as ESXi hosts and vCenter Server, if it's running on a physical server.
Virtual machines: A firewall can be used between virtual machines connected to different network segments, such as internal and external networks.
Virtual and physical machines: A firewall can also be used in between a virtual and a physical machine. For...
