There are two categories of users in vSphere. The first category is the vCenter users, that is, users authorized to access the environment through vCenter. These are either users of the Windows domain that this vCenter belongs to, or the local Windows users on the host where vCenter Server is installed.

The second category is direct access users, that is, users who are able to log in to ESX hosts directly. These users are maintained locally on ESX hosts and are separate from vCenter users.

A role is a predefined set of privileges. When you assign a role to a user or a group, you assign a group of permissions for the object to this user or group.

The primary objective of a firewall is to control network traffic by analyzing it and making a decision if this traffic should be allowed or blocked.

ESXi and vCenter support the X.509v3 certificates. By default, SSL is enabled and all traffic is encrypted.

As an additional security measure, ESXi has a lockdown mode. When this mode is enabled...