Following VMware's vision, the five pillars of cyber hygiene are as follows:
- Least privilege: This is the common, and most reasonable, approach; it applies to user accounts, service accounts, and services in general (for example, used ports).
- Micro-Segmentation: Using NSX, it's finally possible to bring network control to the VM level, with granular security rules. Considering the new product (AppDefense), VM security can be enforced at both the network and application levels.
- Encryption: Data must be protected at each level, and for the physical level, encryption is the only way to ensure good protection.
- Authentication: Authentication is usually the weakest part, primarily due to simple passwords (or passwords that are not changed periodically).
- Patching: Keeping your software components up to date is crucial for the security aspect, but it's also very important for implementing new features. Upgrading and patching will be discussed in Objective 4.
Chapter 2, Configure and Administer vSphere 6.x Networking, will check your virtual networking knowledge.
