VMware has released a guide to hardening its NSX virtual networking and product.
The guide published online by VMware information security professional Pravin Goyal, covers management, control and data planes.
It recommends including audit logs and system events in backups, enabling and securing remote logging for the NSX manager and disabling secure shell where possible.
"Audit logs and system events carry important information that might be needed in future for tracking the events or for accountability and security reasons. It is important to safeguard these logs and thus should be regularly backed up to be preserved for future," one recommendation read.
"Network for controllers should be isolated completely. There is no security on communications between the controllers by design. Without isolation, the virtual network information is exposed to confidentiality, integrity, and availability attacks."
Each category listed the components and vulnerability and corresponding assessment information along with recommended settings and possible risks.
The 45 recommendations could be accessed in spreadsheet format on the VMware website. ® ®