ESX Server service console administrators are not documented

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-15828	ESX0360	SV-16767r1_rule		Medium

Description
User access to the service console should be restricted. The service console has privileged access to the ESX Server and only authorized users should be provided logon access. Personnel that manage the ESX Server will have individual usernames for accessing the ESX Server, creating an audit trail of activities. Virtual machine users will not have ESX Server logins, since there is no inherent need.

Description

User access to the service console should be restricted. The service console has privileged access to the ESX Server and only authorized users should be provided logon access. Personnel that manage the ESX Server will have individual usernames for accessing the ESX Server, creating an audit trail of activities. Virtual machine users will not have ESX Server logins, since there is no inherent need.

STIG	Date
VMware ESX 3 Server	2016-05-13

Details

Check Text ( C-16179r1_chk )
Request the ESX Server service console user documentation from the IAO/SA. Compare this documentation to the users on the ESX Server by performing the following at the service console: # less /etc/passwd If a discrepancy exists between the ESX Server and the documentation, this is a finding.

Fix Text (F-15780r1_fix)
Document all ESX Server service console users for the ESX Server.