ESXI-67-000049 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting ESXi management traffic.

Information

The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.

Select the Management VMkernel and click 'Edit'.

On the Port properties tab, uncheck every service except 'Management' so the adapter carries management traffic only.

On the IP Settings tab, enter the appropriate IP address and subnet information and click 'OK'.

Next, set the appropriate VLAN ID: go to Configure >> Networking >> Virtual switches.

Select the Management portgroup and click 'Edit'.

On the Properties tab, enter the appropriate VLAN ID and click 'OK'.
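One way to audit the result of these steps across all hosts from PowerCLI, as an added example that is neither the STIG's nor Tenable's own check: it lists every VMkernel adapter with Management enabled, flags any other service sharing it, and reports the VLAN of the backing standard port group. It assumes PowerCLI is installed and a session is already connected with Connect-VIServer; $ExpectedVlan is a placeholder to replace with your management VLAN.

```powershell
# Added audit script (not from the STIG or the Nessus plugin).
# Assumes an existing Connect-VIServer session.
param(
    [int]$ExpectedVlan = 0   # placeholder: set to your management VLAN ID
)

$findings = foreach ($vmhost in Get-VMHost) {
    $vmks = Get-VMHostNetworkAdapter -VMHost $vmhost -VMKernel
    foreach ($vmk in $vmks | Where-Object { $_.ManagementTrafficEnabled }) {
        # Any other service enabled on the management VMkernel fails the control.
        $extra = @()
        if ($vmk.VMotionEnabled)               { $extra += 'vMotion' }
        if ($vmk.FaultToleranceLoggingEnabled) { $extra += 'FT' }
        if ($vmk.VsanTrafficEnabled)           { $extra += 'vSAN' }

        # VLAN of the standard-switch port group backing this adapter.
        # Returns nothing for a distributed port group, which is reported as unknown.
        $pg = Get-VirtualPortGroup -VMHost $vmhost -Name $vmk.PortGroupName `
              -Standard -ErrorAction SilentlyContinue
        $vlan = if ($pg) { $pg.VLanId } else { $null }

        [pscustomobject]@{
            Host          = $vmhost.Name
            VMkernel      = $vmk.Name
            PortGroup     = $vmk.PortGroupName
            VlanId        = $vlan
            ExtraServices = ($extra -join ',')
            Compliant     = ($extra.Count -eq 0) -and ($vlan -eq $ExpectedVlan)
        }
    }
}

$findings | Format-Table -AutoSize
```

Rows with ExtraServices set or a VlanId that does not match the expected management VLAN are the ones to remediate with the procedure above.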

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y23M07_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CAT|II, CCI|CCI-002418, Rule-ID|SV-239304r854600_rule, STIG-ID|ESXI-67-000049, Vuln-ID|V-239304

Plugin: VMware

Control ID: a222134f2110cb4f5f608b1f77eafb18550309ff5f471338f8a76613fffb7510