DISA STIG VMware vSphere 7.0 RhttpProxy v1r1

Name: DISA STIG VMware vSphere 7.0 RhttpProxy v1r1

Updated: 6/17/2024

Authority: DISA STIG

Plugin: Unix

Revision: 1.1

Estimated Item Count: 9

Filename: DISA_STIG_VMware_vSphere_7.0_RhttpProxy_v1r1.audit

Size: 20.7 kB

MD5: 0bbe3ac029a20e0a9f95fa046526b18a

SHA256: f220641852bf08fab59355bf3dae98de513713c004e78a8022b170078f45878d

Description	Categories
DISA_STIG_VMware_vSphere_7.0_RhttpProxy_v1r1.audit from DISA VMware vSphere 7.0 vCenter Appliance RhttpProxy v1r1 STIG
VCRP-70-000001 - Envoy must drop connections to disconnected clients.	ACCESS CONTROL
VCRP-70-000002 - Envoy must set a limit on established connections.	ACCESS CONTROL
VCRP-70-000003 - Envoy must be configured to operate in FIPS mode.	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCRP-70-000004 - Envoy must use only Transport Layer Security (TLS) 1.2 for the protection of client connections.	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
VCRP-70-000005 - The Envoy private key file must be protected from unauthorized access.	IDENTIFICATION AND AUTHENTICATION
VCRP-70-000006 - Envoy must exclusively use the HTTPS protocol for client connections.	ACCESS CONTROL
VCRP-70-000007 - Envoy (rhttpproxy) log files must be shipped via syslog to a central log server.	AUDIT AND ACCOUNTABILITY
VCRP-70-000008 - Envoy log files must be shipped via syslog to a central log server	AUDIT AND ACCOUNTABILITY