To increase the security of an ESXi host system which is being managed by a vCenter Server system you can enable Lockdown Mode to restrict users from performing actions directly on an ESXi host using SSH or the ESXi shell. Also, users without the DCUI Access privelage will be restricted from accessing the DCUI. As Lockdown … More Security – Part Four: Enabling ESXi Lockdown Mode

In order to secure connections between clients, ESXi host systems and the vCenter Server system SSL is used. When an ESXi host system or vCenter Server system is installed, the installation will include SSL certificates by default to establish an initial connection. In order to connect ESXi host systems to a managed vCenter Server system … More Security – Part Three: Generating ESXi Host Certificates

In order to access an ESXi host system using a SSH client there is a requirement to connect to the remote host. By default, the ESXi host system does not enable SSH connections and therefore there is a requirement to enable access to an ESXi host system to use SSH. This can be performed from … More Security – Part Two: Configure ESXi Host SSH Settings

By default, there are no restrictions set on the local root user account on an ESXi host system. However, the local non-root users must satisfy the requirements of the password compliance policy defined by the Pluggable Authentication Module (PAM). By default, the ESXi host system checks for password compliance using the pas_passwdqc.so PAM module. The … More Security – Part One: Enabling strong passwords and configuring password policies