VxRail security hardening
Security transformation within Dell Technologies is about rethinking security and accelerating innovation. Dell Technologies is focused on security, from collaboration between the Dell Technologies companies down to product development and release. VxRail is no exception. It is built with the highest levels of product security assurance. It provides fully integrated security capabilities that your organization can use to optimize cybersecurity resiliency, from the edge to the core to the cloud, to accelerate innovation.
VxRail is an ideal platform for IT infrastructure and security transformation. It provides layers of protection to keep your data and business applications secure. Only the Dell Technologies family of companies can provide the full end-to-end solutions required to keep up with today’s evolving threat landscape. VxRail has security built in at every level of the integrated technology stack. This starts with each processor and PowerEdge server and continues through the VxRail HCI System Software, including the integrated VMware software, ensuring availability, integrity, and confidence for every workload, whether it be traditional or cloud native.
For more information, see the Dell EMC VxRail: Security Technical Implementation Guide (STIG) on VxRail. It describes both integrated and optional security features, best practices, and proven techniques for securing your VxRail from the core to the edge to the cloud.
VMware vSphere security
The VMware vSphere Security Configuration Guide 7 (SCG) is the baseline for hardening and auditing guidance for vSphere itself. Started more than a decade ago, the SCG has served as a reference for vSphere administrators as they work to protect their infrastructure.
VMware NSX-T 3.1 security
The VMware NSX-T 3.1 Security Configuration Guide provides prescriptive guidance for customers on how to deploy and operate VMware NSX-T in a secure manner.
VMware vSAN encryption
To further secure your data, encrypt data in transit in your vSAN cluster and encrypt data at rest in your vSAN datastore.
vSAN can encrypt data in transit across hosts in the vSAN cluster. Data-in-transit encryption protects data as it moves around the vSAN cluster.
vSAN can encrypt data at rest in the vSAN datastore. Data-at-rest encryption protects data on storage devices, in case a device is removed from the cluster. When you enable data-at-rest encryption, vSAN encrypts everything in the vSAN datastore. All files are encrypted, which protects all VMs and their corresponding data. Only administrators with encryption privileges can perform encryption and decryption tasks.
For more information, see Using Encryption in a vSAN Cluster.