As a best practice and where practical, avoid using the default ports when installing System Center Virtual Machine Manager components.
Firewall and antivirus software that are running on the host operating system do not protect guest virtual machines. For optimal production, install these products on the guest operating systems in addition to the host.
Limit access to the host file system. The access control list (ACL) for library shares should contain only System Center Virtual Machine Manager Administrators, the System Center Virtual Machine Manager server‘s machine account, and self-service users (if appropriate).
When a virtual machine host or library server is added, System Center Virtual Machine Manager remotely installs a System Center Virtual Machine Manager agent on the managed computer. This process opens a range of DCOM ports and uses Server Message Block (SMB). If this is a concern for the customer, the System Center Virtual Machine Manager agent can be manually installed on the host and then remotely discovered from the System Center Virtual Machine Manager Administrator Console by using only the Microsoft Windows® Remote Management (WinRM) port (80 by default) and the Background Intelligent Transfer Service (BITS) port (443 by default).
To create and manage virtual machines on a host, an administrator needs to have been assigned the appropriate role and does not require local administrative privileges.
Monitoring and Reporting
Reporting in System Center Virtual Machine Manager is provided though the Server Virtualization Management Pack for System Center Operations Manager 2007. Before reports can be viewed and used, Operations Manager must be installed and the Server Virtualization Management Pack deployed. Reports are generated by Operations Manager but can be opened in Reporting view in the System Center Virtual Machine Manager Administrator Console.
Additionally, the Operations Manager 2007 agent must be installed on each machine that will be monitored.
One report that is helpful in planning the virtual environment is the Virtualization Candidates report. This report helps to identify the physical computers that are good candidates for conversion to virtual machines. The Virtualization Candidates report can be used to identify little-used servers and to display the average values for a common set of performance counters for CPU, memory, and disk usage along with hardware configuration information, including processor speed, number of processors, and RAM. The report can be limited to computers