With the introduction of the VMware vCenter Server 6.0, you can expect to see new and improved features, as one would expect from any technological upgrade.
For instance, the VMware ESXi 6.0 hypervisor has increased the scalability of the virtual platform, scaling to up to 64 hosts (rather than the previous 32). This means the vSphere 6.0 can support up to 8,000 virtual machines in one single cluster.
In addition, hardware advancements such as support for 480 logical CPUs and 12TB of RAM make virtualization of more applications possible.
Improving consolidation ratios and making the management of clusters easier than ever, this new and improved server opens up many opportunities for organizations.
However, what really stands out with the newest VMware server update are the ESXi security features.
That’s why today we looking at ESXI 6.0 security enhancements you will learn about when you enroll in some high quality VMware courses.
1. Local Account Management
ESXi 6.0 enables users the option to manage local accounts on the ESXI server using new commands. Add, list, remove, and modify accounts across all hosts in a cluster and manage them in one central location using the vCenter Server system.
You can also set, remove, and list local permissions on ESXi servers and centrally manage them as well.
2. Account Lockouts
In the Host Advanced System Settings, you can now see two new settings related to the management of local account failed login attempts. For example, set parameters for how many failed login attempts will be allowed before a lockout (up to 10 failed login attempts), and determine the duration of the lockout period.
You are no longer required to hand edit passwords in this new ESXi version, as was the case in previous versions. In fact, just as you can manage account lockout parameters in a central location, you can also manage passwords for all clusters there as well.
4. Improved Audit Trails
In the past, being able to track audit trails run on a vCenter Server that correlated to an ESXi host were challenging. That’s because actions performed had very limited information attached to them in the logs.
Now, all actions have a definitive username and vCenter Server username attached so auditing actions is much easier.
5. Lockdown Mode Changes
Customer feedback is something developers strive to listen to, and if applicable, utilize in new server releases.
When it came to the lockdown modes of all servers prior to vSphere 6.0, people often complained that there was a certain inflexibility when in lockdown mode.
As a result, two new lockdown modes were implemented to improve the user experience, while also boosting the ESXi’s security:
- Normal Lockdown Mode. Accounts on the Exception User list can access the DCUI if they have admin privileges, along with those that have access to the DCUI in the first place. In this mode, DCUI access is not stopped at any time.
- Strict Lockdown Mode. In this mode, DCUI access is disabled preventing users from accessing it at any time, despite privileges afforded to them.
During your VMware training, you will learn about the different lockdown modes, how to enable/disable both of them, and what behavior will or will not be allowed in your virtualized environment depending on the lockdown mode in place.
In the end, understanding vSphere’s new ESXI 6.0 security features is critical for anyone looking to get into the IT industry looking to work with virtual environments, or those in an organization that will have access to virtual machines.