Your VMware environment needs to be secure in order to protect the confidentiality, integrity and availability of your applications and data. To maintain the required level of security, many companies run regular VMware security assessments. At the core of this process is a list of guidelines on configuration and governance of the virtual infrastructure. Those guidelines can be found in various audit checklists. Some are focused on information specific to a virtualization platform and published by vendors in the form of guides, such as the VMware Security Hardening Guides. Others aim to cover the broadest variety of security issues, and hence stay product and vendor agnostic.
Best practices are another source that can help you ensure the integrity of your VMware installation. Best practices are usually focused on a specific part of the system, for example, vCenter server or an individual ESXi host, and they are often a supplement to VMware security checklists. However, simply following those guidelines and recommendations for configuration and management of the virtual infrastructure might not be enough to maintain a high level of security of that infrastructure. In particular, there’s no guarantee that your installation will remain unchanged. Therefore, continuous server audit for changes made to your virtual infrastructure and a method for ensuring that those changes are aligned with the security strategy are crucial components of your VMware risk assessment program.
You can achieve the visibility your need with continuous monitoring of the VMware environment. In this Quick Reference Guide, you’ll learn important tips about VMware change monitoring and event viewing, including recommendations on how to: