vSphere 5 Hardening Guide

Vmware has just released a great guide: the official hardening guide for vSphere 5.  The terminology has changed and if you are used to the version 4.1, there is a nice companion document to help you compare.

The security of the virtualization layer is fundamental for the security of the cloud infrastructures. This is acknowledged by the Cloud Security Alliance, by making it one of the domains in the guidance document and the virtualization layer is one of the root causes of the top threats to cloud computing as well.

In the hardening guide, I enjoyed the classification on component and subcomponents which helps IaaS security administrators to  establish the security perimeter and prioritize the actions.

It is also important that IaaS users understand the services managed by IaaS providers “under the hood” and to draw the line between the shared responsibility of IaaS users and IaaS providers. Ed Moyle of Savvis explains it beautifully in one blog post about compensating controls in the cloud.

So, thank you Vmware for the guide!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s