This audit, either complimentary to our “IT Infrastructure Data Security Audit” or self-sustained, assesses the VMWare configuration with a designated professional scan tool to identify security exposures in the VMWare management environment.
The scan includes a variety of defined policy based tests (automated and manual) in order to detect security failures and exposures at the VMWare environment which may potentially be used for malicious incursion of internal or external intruder.
The VMWare environment is compared to updated best-practices such as: DISA ESX STIG' hardening guide, VMware’s Security best practice hardening guide, CIS Benchmark etc. to test variety of parameters such as:
- Set Up the Windows Host for VirtualCenter with Proper Security
- Disable Unnecessary or Superfluous Functions
- Prevent Virtual Machines from Taking Over Resources
- Minimize Use of the VI Console
- Disable Copy & Paste Operations Between Guest Operating System & Remote Console
- Limit Data Flow from the Virtual Machine to the Datastore
- Ensure Unauthorized Devices are Not Connected
- Avoid Denial of Service Caused by Virtual Disk Modification Operations
- Protect against MAC Address Spoofing
- Specify the Guest Operating System Correctly
- Verify Proper File Permissions for Virtual Machine Files
- Strictly Control Root Privileges
- Control Access to Privileged Capabilities
- Establish and Maintain File System Integrity
- Secure the SNMP Configuration
And more…
