Lock down mode confines that Host to be managed by that VCenter server only. Connections using a direct VSphere client will not be possible.
If your VCenter server becomes unavailable, you may not be able to manage Host operations if lock down mode is enabled. We do not recommend enabling lock down mode unless an extreme security risk requires it. Instead, it is better to seperate Host management traffic to a different VLAN and/or subnet. Always use secure root passwords for your hosts and a secure administrator password for your VCenter server.
Applies to: