The following test cases provide detail on the vSphere validated security configuration settings. There are test cases for deployments with and without a vCenter-managed deployment. This is important to note, as some ESXi configurations are not applicable when managed by vCenter. The goal is to provide validated security settings that can be applied to the applicable edge solutions DVD deployment to provide simplified guidance.
Some configuration settings are highly recommended, such as integrating with a central logging server or applying different privileges to users based on job function. Other recommended settings, such as integrating with Active Directory (AD) or importing Certificate Authority (CA) signed certificates, depend on the environment of the organization and their security requirements.
With the release of vSphere 8.0, many security features are added, such as disable ESXi shell access for non-root users, create local admin and remove privileges for default root user, set default key using the CLI, and so on.
For more information about security updates, see About vSphere Security.