Tuesday, 28 June 2016

Securing Virtual Machines: Unnecessary Hardware Devices

When virtual machine is created, there are multiple devices that are associated with VM like floppy drive, CD-ROM and few others, but some of these devices are rarely used.

I just created the test VM without any modification below is the result of default device that are getting added.





Monday, 27 June 2016

Securing Virtual machine: Limit Informational Messages from Virtual Machines to VMX Files

Limiting the informational messages from the virtual machine to the VMX file helps to avoid filling the datastore and causing a Denial of Service (DoS).

A Denial of Service can occur when size of a virtual machine's VMX file is not controlled and the amount of information exceeds the datastore capacity.

The configuration file (.vmx) containing the informational name-value pairs is limited to 1MB by default.

The default limit of 1 MB is in place even if you do not see tools.setInfo.sizeLimit parameter in the advanced options.



In most cases, this capacity is sufficient, however, you may have to increase the limit as and when required like large amounts of custom information are being stored in the configuration file. 


Procedure in web client:
  1. Find the virtual machine in the vSphere Web Client inventory.
  2. Select a data center, folder, cluster, resource pool, or host.
  3. Click the Related Objects tab and click Virtual Machines.
  4. Right-click the virtual machine and click Edit Settings.
  5. Select VM Options tab.
  6. Click Advanced and click Edit Configuration.
  7. Add or edit the tools.setInfo.sizeLimit parameter.
Do check other article in this series Securing Virtual Machines: Unnecessary Hardware Devices

Popular Posts This Week