By Kathryn Roqueeto 
The vSphere MOB, or Managed Object Browser, gives VMware administrators direct browser-based access to the vSphere object model. Furthermore, it exposes internal properties, methods, and data structures that the standard vSphere Client does not display. Therefore, administrators actively use it for deep diagnostics, troubleshooting, and advanced configuration tasks.
What Is the vSphere Managed Object Browser
The Managed Object Browser is a built-in web interface that VMware ships with ESXi hosts and vCenter Server. Additionally, it allows users to navigate the entire hierarchy of managed objects running inside the vSphere environment. Consequently, administrators gain visibility into real-time object states that normal management tools simply do not expose.
Furthermore, the MOB reflects the live state of the vSphere API object model at any given moment. Therefore, every property value a user sees in the MOB directly mirrors what the vSphere API currently reports.
How the vSphere MOB Works
The MOB communicates directly with the VMware API layer running beneath the vSphere infrastructure. Moreover, it renders each managed object as a clickable web page filled with properties and callable methods. As a result, administrators navigate through datastores, virtual machines, hosts, and networks using simple hyperlinks.
Additionally, the interface organizes objects into a tree-like structure starting from the root ServiceInstance object. From there, users drill down through folders, datacenters, clusters, and individual managed entities efficiently.
How to Access the vSphere MOB
Accessing MOB on ESXi Host
Open any modern web browser and type the ESXi host IP address followed by the MOB path. Furthermore, the correct URL format follows this structure clearly:
https://[ESXi-Host-IP]/mob
Then, enter your ESXi root credentials when the browser displays the authentication prompt. Consequently, the MOB homepage loads and shows the root ServiceInstance object immediately.
Accessing MOB on vCenter Server
Type the vCenter Server IP address or FQDN into the browser using this URL format:
https://[vCenter-IP]/mob
Additionally, use your vCenter Single Sign-On administrator credentials to authenticate successfully. Therefore, the browser grants access to the full vCenter-level object hierarchy after login.
Enabling the vSphere MOB
VMware disables the MOB by default on ESXi 6.0 and all later versions for security reasons. Therefore, administrators must manually enable it before attempting any browser-based access. Furthermore, enabling requires either the vSphere Client or direct ESXi Shell access depending on preference.
Enabling MOB via vSphere Client
Navigate to the ESXi host in the vSphere Client and select the Configure tab. Then, click System followed by Advanced System Settings in the left navigation panel. Additionally, search for the parameter named Config.HostAgent.plugins.solo.enableMob in the settings list. Finally, change the value from false to true and click OK to save the change.
Enabling MOB via ESXi Shell
Log into the ESXi Shell using SSH and run the following command directly:
vim-cmd proxysvc/add_np_service “mob” httpsWithRedirect 0 /mob
Furthermore, this command registers the MOB service and makes it immediately accessible through the browser. Consequently, no host reboot is necessary after running this command successfully.
Navigating the MOB Interface
Understanding the ServiceInstance Object
The ServiceInstance object sits at the very top of the entire MOB hierarchy. Moreover, it contains references to the ServiceContent object which links to every major manager inside vSphere. Therefore, administrators always start their navigation journey from this root object.
Exploring Properties
Each object page displays a properties table showing names, data types, and current live values. Additionally, clicking any linked value navigates deeper into nested objects and their associated properties. Consequently, users build a thorough understanding of how vSphere structures its internal data model.
Invoking Methods
The MOB also displays callable methods at the bottom section of each managed object page. Furthermore, administrators can invoke certain methods directly through the interface without writing any code. Therefore, tasks like reloading configurations or querying specific object states become straightforward browser operations.
Common Use Cases for the vSphere MOB
Retrieving License Information
Administrators query the LicenseManager object to retrieve current license assignments and feature availability details. Moreover, this approach helps quickly verify license states without navigating multiple vSphere Client menu layers.
Browsing Virtual Machine Properties
The MOB exposes detailed virtual machine configuration data including hardware, guest OS info, and runtime state. Furthermore, administrators use this to confirm exact VM settings during troubleshooting sessions efficiently.
Accessing Performance Manager Data
The PerformanceManager object inside the MOB provides access to available performance counters and metric metadata. Additionally, this helps developers and admins understand exactly which performance data points the vSphere API exposes.
Modifying Advanced Settings
Certain advanced vCenter and ESXi settings only appear through the MOB and not through the standard UI. Therefore, experienced administrators use the MOB to read and update these hidden configuration parameters directly.
Troubleshooting vCenter Services
The MOB helps administrators inspect the live state of vCenter services, sessions, and task history quickly. Consequently, diagnosing unexpected behavior or service failures becomes faster with direct object-level visibility.
vSphere MOB Security Risks and Concerns
Unauthorized Access Risk
The MOB exposes sensitive internal vSphere data to anyone who successfully authenticates against it. Moreover, a compromised administrator account could allow an attacker to extract full infrastructure details rapidly. Therefore, leaving the MOB enabled on production systems creates an unnecessary and serious security exposure.
Method Invocation Danger
Authenticated users can invoke certain MOB methods that directly alter the vSphere environment configuration. Furthermore, accidental or malicious method calls could disrupt running workloads or corrupt object states. Consequently, organizations must tightly control who can access the MOB at any given time.
VMware Security Hardening Guidance
VMware’s official security hardening guides explicitly recommend keeping the MOB disabled on all production systems. Additionally, the guides advise enabling it only temporarily for specific diagnostic tasks and disabling it immediately afterward. Therefore, following this guidance significantly reduces the attack surface of the vSphere environment.
Best Practices for Using the vSphere MOB Safely
Enable Only When Needed
Always enable the MOB specifically for a defined task and disable it again immediately after completion. Furthermore, document each instance of MOB access including the reason, duration, and administrator involved. Consequently, organizations maintain a clear audit trail of all MOB usage across their infrastructure.
Restrict Network Access
Use firewall rules to restrict MOB access to specific trusted administrator IP addresses only. Moreover, blocking MOB URLs at the network perimeter prevents unauthorized users from even reaching the login page. Therefore, network-level controls add a strong second layer of protection beyond authentication alone.
Use Strong Authentication
Always use complex, unique passwords for accounts that have MOB access on ESXi and vCenter. Additionally, enable multi-factor authentication on vCenter SSO to reduce credential compromise risk significantly. Consequently, even stolen passwords alone cannot grant unauthorized MOB access in protected environments.
Monitor and Log Access
Configure syslog forwarding on ESXi hosts to capture all MOB authentication and access attempts. Furthermore, integrate these logs with a SIEM platform to trigger alerts on unexpected or after-hours MOB logins. Therefore, security teams gain real-time visibility into potentially suspicious MOB activity.
Differences Between MOB on ESXi and vCenter
The ESXi MOB exposes only the objects and properties relevant to that single physical host. In contrast, the vCenter MOB displays the entire datacenter hierarchy including all clusters, hosts, and virtual machines. Furthermore, vCenter MOB provides access to additional manager objects like DistributedVirtualSwitchManager that ESXi lacks.
Therefore, administrators choose the appropriate MOB endpoint based on the specific scope of their investigation. Additionally, both interfaces share the same navigation style but differ significantly in the breadth of available data.
Alternatives to the vSphere MOB
PowerCLI
VMware PowerCLI offers a command-line alternative that accesses the same vSphere API without the browser interface. Moreover, PowerCLI supports scripting and automation which makes it far more efficient for repetitive administrative tasks. Therefore, most experienced administrators prefer PowerCLI over the MOB for regular operational work.
vSphere API Explorer
Newer versions of vCenter include a built-in REST API Explorer that provides a safer and more structured interface. Furthermore, it supports modern REST-based interactions that align better with contemporary automation workflows. Consequently, organizations modernizing their toolsets increasingly favor the API Explorer over the legacy MOB.
govc CLI Tool
The open-source govc tool communicates directly with the vSphere API from the command line efficiently. Additionally, it supports a wide range of read and write operations without requiring browser-based MOB access. Therefore, it serves as a lightweight and scriptable alternative for advanced vSphere administration tasks.
Conclusion
The vSphere MOB remains a powerful diagnostic and exploration tool for experienced VMware administrators. Furthermore, it provides unmatched visibility into the live vSphere object model during complex troubleshooting scenarios. However, its security risks demand strict access controls, temporary enablement policies, and thorough access logging always. Therefore, administrators who use it responsibly gain significant value while keeping their infrastructure properly protected.