GEN005440-ESXI5-000078 - The system must not be used as a syslog server (log host) for systems external to the enclave - log host for systems external to the enclave

Information

Syslog messages are typically unencrypted and may contain sensitive information and are, therefore, restricted to the enclave.

Solution

Step 1: Verify that the vSphere Syslog Collector syslog host has been configured. If not, install/enable the vSphere Syslog Collector.
Step 2: From the vSphere Client: Select the host and click 'Configuration >> Advanced Settings >> Syslog >> Global'.
Step 3: Set 'Syslog.global.logHost' to the syslog server hostname restricted to the enclave.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_ESXi5_Server_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Group-ID|V-39279, Rule-ID|SV-250588r798763_rule, STIG-ID|GEN005440-ESXI5-000078, STIG-Legacy|SV-51095, STIG-Legacy|V-39279, Vuln-ID|V-250588

Plugin: VMware

Control ID: 8519819170e460e3f29e5e0820a452d7e32bcc066ee9808a631828b26b025ebf