vSphere 6.5 Security Configuration Guide Available

vSphere 6.5 Security Configuration guide and Mike’s blog post about it.  In particular, he writes:

I’d like to take this opportunity to remind folks what the vSphere Hardening Guide and/or the vSphere Security Configuration Guide is and is not. It is not meant to be used as a “compliance” tool nor a set of boxes to check. It is not a set of mandates. Blanket application of ANY changes to a system should be carefully reviewed before being made.  It is a set of guidelines that attempts to explain risk and start a risk management conversation between IT and security and “guide” both teams into setting up the product in a secure fashion.

I’ve definitely seen this used as a “we must set all the settings to the hardening guide,” which just causes operations issues, thus generating workarounds, and certainly does not automatically improve your security stance.

Here’s the article:

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Categories

Archives

GiottoPress by Enrique Chavez