vIDM must be configured to provide clustering.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-90289 | VRAU-VI-000315 | SV-100939r1_rule | Medium |
| Description |
|---|
| This requirement is dependent upon system MAC and confidentiality. If the system MAC and confidentiality levels do not specify redundancy requirements, this requirement is NA. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. When application failure is encountered, preserving application state facilitates application restart and return to the operational mode of the organization with less disruption of mission/business processes. Clustering of multiple application servers is a common approach to providing fail-safe application availability when system MAC and confidentiality levels require redundancy. |
| STIG | Date |
|---|---|
| VMW vRealize Automation 7.x vIDM Security Technical Implementation Guide | 2018-10-12 |
Details
| Check Text ( C-89981r1_chk ) |
|---|
| Interview the ISSO. Obtain the correct configuration for clustering used by the site. Review the vRealize Automation appliance's installation, environment, and configuration. Determine if vRA clustering has been correctly implemented. If vRA is not correctly implementing clustering, this is a finding. |
| Fix Text (F-97031r1_fix) |
|---|
| Interview the ISSO. Obtain the correct configuration for clustering used by the site. Configure vRealize Automation to be in compliance with the clustering design provided by the ISSO. |