VMware vSphere Security Configuration Guide Archive


The vSphere Security Configuration Guide (SCG) is the baseline for security hardening of VMware vSphere itself, and the core of VMware security best practices. Started more than a decade ago as the VMware vSphere Security Hardening Guide, it has long served as guidance for vSphere Administrators looking to protect their infrastructure. This is an archive of hardening guidance for versions of vSphere past the end of their support.

This is an archive of hardening guidance for versions of vSphere past the end of their support:

  • VMware vSphere 4.0
  • VMware vSphere 4.1
  • VMware vSphere 5.0
  • VMware vSphere 5.1
  • VMware vSphere 6.0

Intended Audience

Because this archive refers to versions of vSphere that are currently out of support it is intended for reference only. Do not apply security guidance to implementations of vSphere they are not labeled for use with.

VMware strongly urges customers to run software that is actively maintained by vendors, both VMware and otherwise.

There are many engineered data center & hybrid cloud infrastructure products, like VMware Cloud Foundation, VMware Cloud, Dell EMC VxRail, and such that implement vSphere as part of their solutions. If this is how you consume vSphere you should check with those products’ support for guidance on security first, before implementing these ideas. Some of the vSphere SCG’s recommendations are likely to be safe to implement, but others may interfere with operations of those solutions.


You can get the VMware vSphere Security Configuration Guide Archive from:


If you want to link to this content we maintain a permanent redirect:


Filter Tags

Security ESXi vCenter Server vSphere Document Best Practice Intermediate