ESXI-06-000049 - The system must protect the confidentiality and integrity of transmitted information by protecting ESXi management traffic.

Information

The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configuration of the Management VMkernel will be unique to each environment but for example to modify the IP address and VLAN information to the correct network on a standard switch do the following:

From the vSphere Client select the ESXi host and go to Configuration >> Networking >> On the vSwitch that contains the Management VMkernel select Properties. Select the Management VMkernel and click Edit >> On the General tab uncheck everything but 'Management Traffic' and set the appropriate VLAN ID >> Go to the IP Settings tab >> Enter the appropriate IP address and subnet information and click OK.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMware_vSphere_6-0_ESXi_V1R5_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CAT|II, CCI|CCI-002418, Group-ID|V-63267, Rule-ID|SV-77757r1_rule, STIG-ID|ESXI-06-000049, Vuln-ID|V-63267

Plugin: VMware

Control ID: 63aca64eb049c9e4f6196dbcffcc7aa669c7df3d60e0e8254c798972e2d8d8be