We are in the process of planning a small deployment of VMs which have exposure to the public internet and access unusually sensitive information. Our current debate is whether to manage the hosts individually or via a vCenter 5.5 cluster. Our specific concern is preventing one compromised VM from allowing an attacker to have easier access to another VM within vCenter. There will only be 2 or 3 hosts and about 10 VMs to start with. I have skimmed through the document, vSphere Security for vCenter Server 5.5 and ESXi 5.5:
1) Are there any portions of the vSphere Security document upon which we should focus to increase inter-VM security within vCenter?
2) Are there any other documents that would also help?
3) Even with recommended safeguards in place, is it still safer to manage our small numbers of VMs individually?
Thank you. ... . . . .. .. ... . . .