vSphere 8 Security Configuration & Hardening Guide


The VMware vSphere Security Configuration & Hardening Guide (SCG) is the baseline for hardening and auditing guidance for VMware vSphere itself. Started more than fifteen years ago, it has long served as guidance for virtualization administrators looking to protect their infrastructure.

Security is always a tradeoff, and turning on all security features, to their highest levels of security, often impedes day-to-day administration efforts. The goal of the vSphere Security Configuration Guide is to be a baseline set of security best practices that informs administrators while weighing the tradeoffs. It is not a catalogue of all available security controls, but instead a reasonable baseline on which to build.


This document is intended to provide general guidance for organizations that are considering VMware solutions. The information contained in this document is for educational and informational purposes only. This document is not intended to provide advice and is provided “AS IS.” VMware makes no claims, promises, or guarantees about the accuracy, completeness, or adequacy of the information contained herein. Organizations should engage appropriate legal, business, technical, and audit expertise within their specific organization for review of requirements and effectiveness of implementations.

Download the Latest Version

The Security Configuration & Hardening Guide for VMware vSphere 8 can be downloaded from: 


We maintain a permanent link for use in documents and other resources:



Something wrong with this guide? We strive for 100% accuracy and appreciate feedback. Please visit:


and use the Feedback mechanism on the page there to send us information. Thank you. 

Filter Tags

Security ESXi ESXi 8 vCenter Server vCenter Server 8 vSphere vSphere 8 Document Best Practice Intermediate