Detections
Analytics

TNS Citrix XenServer

Audit Details

Name: TNS Citrix XenServer

Updated: 11/1/2023

Authority: TNS

Plugin: Unix

Revision: 1.6

Estimated Item Count: 46

File Details

Filename: TNS_BestPractice_Citrix_XenServer.audit

Size: 42.9 kB

MD5: a361e70d6d0d5e12a1f6497d69bb15ac
SHA256: 3fc18c2ab464e2fac61c9c0a8c31d3fa670b8173bd017ca6b3ecd2b31cc767b9

Audit Changelog

 
Revision 1.6

Nov 1, 2023

Miscellaneous
  • Platform check updated.
Revision 1.5

Sep 29, 2023

Miscellaneous
  • References updated.
  • Variables updated.
Revision 1.4

Apr 12, 2023

Functional Update
  • TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best Practices
  • XenServer - Administrative actions are logged
  • XenServer - All network interfaces are operating in full-duplex mode
  • XenServer - Auto-start is not enabled
  • XenServer - Disable promiscuous mode on all network interfaces
  • XenServer - Disallow unplug detection on the storage network interface
  • XenServer - Enable QoS on all VM guests
  • XenServer - Enable only necessary and secure services, protocols, daemons - 'lwsmd'
  • XenServer - Enable only necessary and secure services, protocols, daemons - 'snapwatchd'
  • XenServer - Enable only necessary and secure services, protocols, daemons - 'sshd'
  • XenServer - Enable port locking by default on the VM guest network
  • XenServer - Enable remote syslog
  • XenServer - Ensure IP forwarding is disabled
  • XenServer - External authentication is disabled
  • XenServer - High availability is enabled
  • XenServer - Host is enabled
  • XenServer - Host version
  • XenServer - Identify a network interface to be used for storage access
  • XenServer - Install a trusted CA certificate on the pool
  • XenServer - Install a trusted certificate in place of the default self-signed SSL certificate
  • XenServer - List VLANs
  • XenServer - List VM CPU allocations
  • XenServer - List VM memory allocations
  • XenServer - List bonded NIC groups
  • XenServer - List crash dumps
  • XenServer - List halted VMs
  • XenServer - List networks
  • XenServer - List non-default VM templates
  • XenServer - List patches
  • XenServer - List physical storage locations
  • XenServer - List running VMs
  • XenServer - List security roles
  • XenServer - List users
  • XenServer - List virtual disks
  • XenServer - NTP client configured
  • XenServer - Only allow access to required network services
  • XenServer - Passwords stored in 'secrets' are not visible
  • XenServer - Restrict allowed IPv4 addresses used by each VM guest
  • XenServer - Restrict allowed IPv6 addresses used by each VM guest
  • XenServer - Review accounts used to mount remote storage
  • XenServer - Snapshots are not present
  • XenServer - The hosts.allow file limits access to the local network
  • XenServer - The hosts.deny file blocks access by default
  • XenServer - Use a static IP on the management network interface
  • XenServer - Use a static IP on the storage network interface
  • XenServer - XAPI SSL certificate is in default location
Informational Update
  • TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best Practices
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.3

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
  • Variables updated.
Revision 1.2

Dec 7, 2022

Miscellaneous
  • References updated.
Revision 1.1

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.