Security Profile services

You can use the Security Profile window to manage services (daemons) running on the ESXi host. You can start, stop, or restart services and control their startup behaviour. You can choose between the three startup policies, based on the status of the firewall ports:

  • Start and stop with host – a service starts shortly after the host starts and closes shortly after the host shuts down. The service will regularly attempt to complete its tasks, such as contacting the NTP server. If the port was closed but is subsequently opened, the client begins completing its tasks shortly thereafter.
  • Start and stop manually – the administrator determines the service status. Port availability is not taken into consideration and the status of the service will be preserved even after the ESXi host is rebooted.
  • Start and stop with port usage – this option (recommended by VMware) causes a service to attempt to start if any port is open and continue to attempt to start until it successfully completes. The service stops when all ports are closed.

You can manage the services running on your ESXi host using vSphere Web Client. Select your ESXi host from the inventory, go to Manage > Settings > Security Profile and click the Edit button for services:

edit services

In the Edit Security Profile window, select the service you would like to manage:

edit ssh service

In the picture above you can see that the SSH service is running and it is configured to start and stop with the host.

Geek University 2021