VMware is quite secure. One high level national security organization spent six months trying to crack VMware virtual machines. They ended up implementing it.

VMware Infrastructure addresses security in a number of ways. Some of these include:

  • Compatibility with SAN security practices. VMware Infrastructure enforces security policies with LUN zoning and LUN masking.
  • Implementation of secure networking features. VLAN tagging enhances network security by tagging and filtering network traffic on VLANs, and Layer network security policies enforce security for virtual machines at the Ethernet layer in a way that is not available with physical servers.
  • Integration with Microsoft® Active Directory. VMware Infrastructure allows you to base access controls on existing Microsoft Active Directory authentication mechanisms.
  • Custom roles and permissions. VMware Infrastructure enhances security and flexibility with user-defined roles. You can restrict access to the entire inventory of virtual machines, resource pools and servers by assigning users to these custom roles.
  • Resource pool access control and delegation. VMware Infrastructure secures resource allocation at different levels in the company. For example, when a top-level administrator makes a resource pool available to a department-level user, all virtual machine creation and management can be performed by the department administrator within the boundaries assigned to the resource pool.
  • Audit trails. VMware Infrastructure maintains a record of configuration changes and the administrator who initiated each one. You can export reports for event tracking.
  • Session management. VMware Infrastructure lets you discover—and if necessary—terminate VirtualCenter user sessions.