VMware vCenter Server Appliance has a built in Firewall but documentation is a little primitive.

So if you want to to secure your server you need to modify firewall rules to permit your ip address and block all the others. So let’s say your computer has the 192.168.1.10 ip address you should point to https://vcenter:5480/ui/firewall and create a rule at top of the list, firewall reads rules top to bottom, by adding 192.168.1.10/32 and selecting Accept from Action menu.

If that’s ok you should add another rule by adding 0.0.0.0/0 and choosing Reject from Action menu. With this rule we just blocks everyone else.

Caution ! This must be the second rule, the rules are live that means by adding them the changes on firewall act immediately.

Just in case you lock yourself out, you can edit the rules with the shell in /etc/vmware/appliance/firewall.conf and then reload with /usr/lib/applmgmt/networking/bin/firewall-reload. Although it might be cleaner/safer to do it at the actual firewall level.