Last Friday, VMware released their vSphere 5.0 Security Hardening Guide v1.0. It’s a great and extensive guide to completely secure your VMware vSphere 5 Infrastructure from ESXi host to vCenter server and from the vNetwork to virtual machine. The coincidence is that yesterday I had a discussion with a colleague on enabling root access on a customers ESXi hosts. Following this hardening guide will prevent people from adding vulnerabilities to a great product.
With this new release the format of this guide has changed from previous versions. The guide is being released as a Excel spreadsheet only. The guideline metadata from earlier guides has been greatly expanded and standardized. CLI commands for assessment and remediation of the guidelines is included for the vCLI, ESXi Shell, and PowerCLI. For additional information, please see the Intro tab of the spreadsheet.
You can find the VMware vSphere 5.0 Security Hardening Guide, v1.0 here.