CIS releases Vmware ESX security guide
The Center for Internet Security has now released guidelines for hardening hosts running VMWare ESX Server 3. This supplements the more general virtual machine security guide they published in September.
The ESX guidelines cover basic to intermediate techniques for hardening the ESX host and linux-based service console, including ESX-specific guidance for file and directory permissions and kernel tuning, and recommendations for the remote web and GUI consoles.
There is no automated scoring tool for assessing conformance to the recommendations, but a backup script and list of critical files to backup in the service console before making changes are provided.
Download the guidelines here: VMware ESX Server 3.x Benchmark
Update (Mar 2008): Another VMware ESX guide that also covers SAN, network and other often ignored components has been released by by the NSA. Find it (and guidelines for many other products) here: NSA Current Security Configuration Guides
Related posts: