Detections
Analytics

Item Search

NameAudit NamePluginCategory
ESXI-67-000022 - The ESXi host SSH daemon must be configured to not allow gateway ports.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

CONFIGURATION MANAGEMENT

ESXI-67-000026 - The ESXi host SSH daemon must set a timeout count on idle sessions.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

CONFIGURATION MANAGEMENT

ESXI-67-000054 - The ESXi host must enable bidirectional CHAP authentication for iSCSI traffic.DISA STIG VMware vSphere 6.7 ESXi v1r3VMware

CONFIGURATION MANAGEMENT

ESXI-67-000068 - All ESXi host-connected virtual switch VLANs must be fully documented and have only the required VLANs.DISA STIG VMware vSphere 6.7 ESXi v1r3VMware

CONFIGURATION MANAGEMENT

ESXI-67-000076 - The ESXi host must enable Secure Boot.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000215 The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000217 The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000225 The ESXi host must enable volatile key destruction.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000226 The ESXi host must configure a session timeout for the vSphere API.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000227 The ESXi host must be configured with an appropriate maximum password age.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000228 The ESXi Common Information Model (CIM) service must be disabled.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000232 The ESXi host must enable audit logging.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

ESXI-80-000245 The ESXi host must use sufficient entropy for cryptographic operations.DISA VMware vSphere 8.0 ESXi STIG OS v2r1Unix

CONFIGURATION MANAGEMENT

ESXI-80-000246 The ESXi host must not enable log filtering.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

CONFIGURATION MANAGEMENT

FNFG-FW-000145 - The FortiGate firewall must be configured to restrict it from accepting outbound packets that contain an illegitimate address in the source address field via an egress filter or by enabling Unicast Reverse Path Forwarding (uRPF).DISA Fortigate Firewall STIG v1r3FortiGate

CONFIGURATION MANAGEMENT

PHTN-40-000211 The Photon operating system must configure Secure Shell (SSH) to disallow Generic Security Service Application Program Interface (GSSAPI) authentication.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-40-000246 The Photon operating system must restrict core dumps.DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1Unix

CONFIGURATION MANAGEMENT

PHTN-67-000087 - The Photon operating system must configure sshd to disallow Kerberos authentication.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000088 - The Photon operating system must configure sshd to use privilege separation.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000103 - The Photon operating system must be configured so that all cron paths are protected from unauthorized modification - cron.monthlyDISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000104 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets - net.ipv4.conf.eth0.accept_source_routeDISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000105 - The Photon operating system must not respond to IPv4 Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.all.secure_redirectsDISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.default.secure_redirectsDISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.all.send_redirectsDISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

CONFIGURATION MANAGEMENT

RHEL-07-010063 - The Red Hat Enterprise Linux operating system must disable the login screen user list for graphical user interfaces.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-010339 - The Red Hat Enterprise Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

VCLU-80-000152 The vCenter Lookup service must enable 'ENFORCE_ENCODING_IN_GET_WRITER'.DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1Unix

CONFIGURATION MANAGEMENT

VCSA-80-000248 The vCenter Server must disable the Customer Experience Improvement Program (CEIP).DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000271 The vCenter Server must only send NetFlow traffic to authorized collectors.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000275 The vCenter Server must configure the "vpxuser" auto-password to be changed every 30 days.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000281 The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000284 The vCenter Server must restrict access to the default roles with cryptographic permissions.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000286 The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000288 The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000292 The vCenter server configuration must be backed up on a regular basis.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000295 The vCenter server must require authentication for published content libraries.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000298 The vCenter Server must separate authentication and authorization for administrators.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VCSA-80-000299 The vCenter Server must disable CDP/LLDP on distributed switches.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000189 Virtual machines (VMs) must have copy operations disabled.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000191 Virtual machines (VMs) must have drag and drop operations disabled.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000193 Virtual machines (VMs) must have virtual disk shrinking disabled.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000195 Virtual machines (VMs) must limit console sharing.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000201 Virtual machines (VMs) must be configured to lock when the last console connection is closed.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000202 Virtual machines (VMs) must disable 3D features when not required.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000203 Virtual machines (VMs) must enable encryption for vMotion.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000206 Virtual machines (VMs) must configure log retention.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000207 Virtual machines (VMs) must enable logging.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMCH-80-000210 Virtual machines (VMs) must remove unneeded CD/DVD devices.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT