Book Image

VMware vSphere 5.5 Essentials

Book Image

VMware vSphere 5.5 Essentials

Overview of this book

Table of Contents (20 chapters)
VMware vSphere Essentials
Credits
Foreword
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Understanding security profile services and lockdown mode


VMware ESXi built-in firewall is known as security profile. It is the firewall for the entire host including the management interface, but not the virtual guest machines running on the host. We have already learnt how to configure the security profile firewall using vSphere Web Client and the command shell. To ensure central manageability, we can use a feature called lockdown mode through vCenter Server.

Lockdown mode

Lockdown mode is used to restrict a host to be accessed and operated by vCenter Server only, to enhance security. Only vpxuser has the authentication, and can perform any operations on the ESXi host directly.

In accordance with vSphere 6.0 latest changes I think it is necessary to add another sentence after this one:

With vSphere 6.0 it is also possible to specify a list of users that are eligible to access the Direct Console User Interface (DCUI). For this, the advanced setting DCUI.Access needs to be altered on the ESXi...