VMware vSphere Security Configuration Guide Archive


The vSphere Security Configuration Guide (SCG) is the baseline for hardening and auditing guidance for VMware vSphere itself. Started more than a decade ago, it has long served as guidance for vSphere Administrators looking to protect their infrastructure.

This is an archive of hardening guidance for versions of vSphere past the end of their support:

  • VMware vSphere 4.0
  • VMware vSphere 4.1
  • VMware vSphere 5.0
  • VMware vSphere 5.1
  • VMware vSphere 6.0

Intended Audience

Because this archive refers to versions of vSphere that are currently out of support it is intended for reference only. Do not apply security guidance to implementations of vSphere they are not labeled for use with.

VMware strongly urges customers to run software that is actively maintained by vendors, both VMware and otherwise.

There are many engineered data center & hybrid cloud infrastructure products, like VMware Cloud Foundation, VMware Cloud, Dell EMC VxRail, and such that implement vSphere as part of their solutions. If this is how you consume vSphere you should check with those products’ support for guidance on security first, before implementing these ideas. Some of the vSphere SCG’s recommendations are likely to be safe to implement, but others may interfere with operations of those solutions.


You can get the VMware vSphere Security Configuration Guide Archive from:


If you want to link to this content we maintain a permanent redirect:


Filter Tags

Security ESXi vCenter Server vSphere Document Best Practice Intermediate