---
title: "Keeping your vSphere web client secure"
description: "Find out how to optimise security for your vSphere web client"
url: https://docs.ovhcloud.com/en/guides/hosted-private-cloud/powered-by-vmware/vsphere-access-security-advices
lang: en
lastUpdated: 2020-06-30
---
# Keeping your vSphere web client secure

## Objective

To ensure optimal security for your system, we recommend limiting access to it. We offer a number of different methods for this.

**Find out how to secure access to your vSphere web client quickly and easily, using our tips below.**


***

### OVHcloud Control Panel Access

- **Direct link:** [VMware vSphere](https://manager.eu.ovhcloud.com/#/dedicated/dedicated_cloud)
- **Navigation path:** <code className="action">Hosted Private Cloud</code> > <code className="action">Managed VMware vSphere</code> > Select your vSphere service

***


## Requirements

- You must be logged in to the <ManagerLink to="/">OVHcloud Control Panel</ManagerLink>.

## Instructions

### Restrict access by IP address

This first method involves restricting access based on the user's IP address. For this purpose, we recommend continuing to work with a registration system that uses whitelisting. This technique refuses access by default for all IP addresses. You can then manually add the IPs that require access to your infrastructure.

You can do this directly in your OVHcloud Control Panel
. Go to the Private Cloud section, then `Security
`. In this section, you will see a table listing all authorised or denied IP addresses. To add new ones, click `Add IPs
` on the right-hand side:
![Add IP](/images/hosted-private-cloud/powered-by-vmware/vsphere-access-security-advices/adding_ip.png)
### Create specific users

We highly recommend creating personal accounts for each user that requires access to your infrastructure. You can also do this in your OVHcloud Control Panel
, in the `Users
` tab. To add new users, click the `Create User`
 button on the right-hand side.
![Users](/images/hosted-private-cloud/powered-by-vmware/vsphere-access-security-advices/users.png)
When you create a new user, you are required to set a password.

:::info
To ensure that your data is secure, your password must meet the criteria listed below:

- It must contain at least eight characters.
- It must contain at least three character types.
- It must not contain a dictionary word.
- It must not contain any personal information (e.g. your first name, surname or date of birth).
- It must not be used as a password by any other user accounts.
- It must be stored in a password manager.
- It must be changed every three months.
- It must not be identical to any previously used passwords.

:::

You can then manage each user’s rights by clicking on the cogwheel icons at the far right of each user row:

![Edit user rights](/images/hosted-private-cloud/powered-by-vmware/vsphere-access-security-advices/users_edit.png)
### Limit session times

When users finish a session, we recommend closing the session accordingly. To limit connection time, you can set a session expiry duration.

To do this, go to your OVHcloud Control Panel
. Go to the Private Cloud section, then `Security
`. Next, click the `Change expiry duration
` button, situated on the right-hand side of the screen. In the following window, you can choose the time (in minutes) before a session expires.
![Session expiry](/images/hosted-private-cloud/powered-by-vmware/vsphere-access-security-advices/expiration.png)
## Go further

Join our community of users on [https://community.ovh.com/en/](https://community.ovh.com/en/).