Issue link: http://hub-fr.insight.com/i/532074
58 Addressing Security and Compliance Just like physical servers, VMs need to have appropri- ate security and compliance policies in place. Remember: ✓ If your business must comply with any govern- ment regulations, consider any audit rules that apply. For example, will it be acceptable for each workload to share physical networks or virtual switches? Must the data itself be on separate physical storage? ✓ As you set up policies and provisioning, keep in mind the challenge of managing sensitive data from different applications. Do the rules allow that data to reside with the data from other applica- tions at the compute, networking and storage layers? ✓ Make sure you have a working management net- work with all management interfaces of physical hosts, switches and other data center infrastruc- ture in the environment. Isolated management net- works provide higher security while preventing VM traffic from interfering with management traffic. ✓ You need to balance VM protection with perfor- mance by scheduling security scans and other checks for off hours. Also, consider using features built into vSphere with Operations Management, such as VMware vShield Endpoint™, which offloads anti-virus and anti-malware processes. This approach can also lower the risk of antivirus "storms" by centralizing those functions.