Securing vSphere components is an aspect of any design and implementation. Components should be secured to minimize vulnerabilities that could be maliciously exploited. Though ESXi is secure post-installation, there are a few configurations that could be made to further harden the hypervisor. Consider using a host profile (discussed previously in Chapter 7, Understanding Host Profiles, Image Profiles, and Auto Deploy) to create a baseline and make these changes across all ESXi hosts.
ESXi hosts may be configured to use Active Directory to manage user access. Using local user accounts on each host would be tedious, and may potentially involve having to create and manage account names and passwords across many ESXi hosts. Using a directory service, like Active Directory, can help reduce ESXi host configuration, simplifying management, and reducing the chance that a configuration issue may lead to unintended unauthorized access.
To configure...