Harley Stagner writes the following for SearchServerVirtualization.com:
Do you need to secure a Microsoft Virtual Server 2005 installation for remote users? In the last article, I taught you how to secure local access to the host. In this article, we will walk through securing remote connections to Virtual Server 2005, including the administration website and the Virtual Machine Remote Connection (VMRC) client.
When we talk about securing remote access to virtual machines (VMs), we are really talking about securing two main components that are unique to a Virtual Server 2005 environment. These are the Virtual Server Administration Website and the VMRC client connection. In the previous article , we discussed securing access to the folders and files that make up the Virtual Server and Virtual Machine configuration and resource files. Proper security at this level will prevent anyone who is unauthorized from accessing the VMs.
However, unless appropriate precautions are made to secure the connection between the user and the Virtual Server Host, an unauthorized person may be able to gain access to the VMs. An improperly secured network connection could allow the electronic equivalent of looking over a person's shoulder while they put in the combination to a safe. If an attacker can eavesdrop on the wire, then it will not matter if the files are secured. The attacker can gain enough information to impersonate a user and gain access to any number of files on the Virtual Server Host. This is why it is so important to secure the connections to the Virtual Server Administration Website and the connections initiated from VMRC client.
Read the entire article, here.