Here’s an example hosts.allow:
#begin
sshd:management.host.com:allow
sshd:ALL:deny
xinetd:management-host-ip-or-fqdn-hostname:allow
xinetx:ALL:deny
httpd:management-host-ip-or-fqdn-hostname:allow
httpd:ALL:deny
#eof
But even this may be too simple.
Reference:
http://www.dell.com/downloads/global/…/tnc/dell_vmware_certified_deploy.pdf
http://communities.vmware.com/thread/182964?tstart=0
What this will do is allow all hosts to ssh into the system while only allowing VI client connections from the virtualcenter server. This means you pretty much have to go through virtualcenter to manage the system.