I've hardened a vCenter Server 5.5 as much as possible using Nessus and Nexpose scans, but two "severe" risks remain. one is
Database Open Access--
The SqlExpress server that VMWare loads is password protected, but Nexpose (PCI and DSS) don't allow databases to be exposed through unlimited direct web access.
Is there any way to pass this Nexpose scan by limiting access to the database to a specific IP address, or some other trick?
