PowerCLI – configure host dump-collector

There are a number of posts showing how to set up VMware's Dump Collector. Once that is done, the hosts need to be configured to point to the dump collector. First check that you can connect to the dump collector: nc -z -u <your dump collector ip> <port>. See the following KB for troubleshooting: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2003042 Jonathan …

Security Audit – Set ssh timeouts

Security auditors will consider SSH access a vulnerability. This can be mitigated by setting timeout values and linking the starting of the service to a vCenter user. When an SSH session is needed, the service will have to be started from the vCenter or DCUI. (In the case of DCUI access, either physical controls to the data …

Security Audit – esxi logon

How are you going to control logon to the ESXi hosts? One solution is to add hosts to the domain, and then use Active Directory nominal accounts and group assignments to access the ESXi servers. The advantage of this is that account creation, permissions and policies are set in the domain and will be covered by the …

Security Audit – vCenter logs retention and extract

As vCenter access is an entry control point, failure to produce logon events will be a major failure in the audit. vSphere vCenter should be configured to save logs for at least 90 days or longer, depending on your stated policy. If you have a sizeable environment you probably want to limit the size of …

Security Audit – Generic accounts have to be explained

Justifying generic accounts is going to be an issue in any audit. Before you walk into the room, have a list of all the "principals", that is, users or groups. You will be expected to explain each one, and will typically be asked to search the logon events to see if they were used. Some of the …

Security Audit – vCenter user roles, and assigned permissions

So once you have established that the source of accounts isn't vCenter, it needs to be made clear that permissions are not directly assigned to users or groups. Make sure you understand this: vCenter uses Roles, and permissions are assigned to the role, not the user. Roles and assignment can …