VCENTER-000022 - Network access to the vCenter Server system must be restricted.

Information

Restrict access to only those essential components required to communicate with vCenter. Blocking access by unnecessary systems reduces the potential for general attacks on the operating system and minimizes risk.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

The vCenter Server Windows system must be protected by utilizing a network and/or local firewall. Install the vCenter Server Windows system behind the firewall and/or install a firewall application on the Windows system. Firewall protections must include IP-based access restrictions, enabling only necessary components to communicate with the vCenter Server system.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_ESXi5_vCenter_Server_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Group-ID|V-39560, Rule-ID|SV-250741r799913_rule, STIG-ID|VCENTER-000022, STIG-Legacy|SV-51418, STIG-Legacy|V-39560, Vuln-ID|V-250741

Plugin: VMware

Control ID: 6ceaef477aeb0172f350e9740e5a129cb2503669b275b989b15e72dbac95c5cb