Best Practices in Virtualization Security ................................................................. SHANIT GUPTA

ESX Host ............................................................................................................................293 Patches ........................................................................................................................... 294 Server Management........................................................................................................ 294 Security Tools ................................................................................................................. 294

Hardening Steps for ESX Host ................................................................................................ 295 Controlled Root Access ....................................................................................................... 295 Strong Password Policy ....................................................................................................... 295 Password Aging ................................................................................................................... 295 Password Complexity and Lock Out ................................................................................... 296 Authorization Controls for Privileged Operations ............................................................... 297

Substitute User Privileges ............................................................................................... 297 Perform Actions as Super User ....................................................................................... 297

Active Directory Integration ............................................................................................... 297 Disable Unnecessary Services on the Host ........................................................................... 298 Secure SNMP Confi guration .............................................................................................. 299 Confi gure Proper Logging .................................................................................................. 300

Log File Size ................................................................................................................... 300 Remote Logging ............................................................................................................. 300 Time Synchronization .....................................................................................................301