VMware vSphere uses “bare-metal” virtualization, so the hypervisor interfaces directly with computer hardware without the need for a host operating system. This approach safeguards vSphere from OS-related vulnerabilities, making it the most robust and secure virtualization platform in the industry. The latest edition of vSphere includes a range of innovations that enhance virtualization security even further.
Bare-metal virtualization combined with other advanced capabilities makes the vSphere platform exceptionally manageable and secure.
- Small hypervisor footprint: Simplifies deployment, maintenance and patching, and reduces vulnerability by presenting a much smaller attack surface.
- Software acceptance levels: Prevents unauthorized software installation.
- Robust APIs: Enable agentless monitoring, eliminating the need to install third-party software.
- Host firewall: Protects the vSphere host management interface with a configurable, stateless firewall.
- Improved logging and auditing: Log all host activity under the logged-in user’s account, making it easy to monitor and audit activity on the host.
- Secure syslog: Log messages on local and/or remote log servers, with remote logging via either SSL or TCP connections.
- AD integration: Configure the vSphere host to join an Active Directory domain; individuals requesting host access are automatically authenticated against the centralized user directory.
VMware vShield Endpoint improves endpoint protection by orders of magnitude, offloading anti-threat agent processing inside guest virtual machines to a dedicated and secure virtual appliance delivered by VMware partners. vShield Endpoint enhances consolidation ratios and performance, streamlines anti-virus deployment and monitoring, and ensures compliance by logging anti-virus and anti-malware activities.