Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15887 | ESX0910 | SV-16828r1_rule | ECSC-1 | Low |
Description |
---|
The master templates will be stored in a separate partition (NTFS, VMFS, etc) from the production virtual machines. Partitioning the master templates isolates them from system, application, and user files. This isolation helps protect the disk space used by the operating system and various applications. Files cannot grow across partitions. Another advantage is that if a bad spot develops on the hard drive, the risk to the data is reduced as is recovery time. Furthermore, separate master template partitions provide the ability to set up certain directories as read-only file systems. |
STIG | Date |
---|---|
VMware ESX 3 Server | 2016-05-13 |
Check Text ( C-16246r1_chk ) |
---|
Perform the following on the ESX Server service console to determine if the /Master, /Utilities, /vmimages, or /(the name of the partition) are on separate disk partitions: # vdf -h Examine the Mounted on column for the disk device and ensure the device label for /Master, /Utilities, or /vmimages is not the same as the root filesystem. If they are the same, this is a finding. |
Fix Text (F-15847r1_fix) |
---|
Store all master templates on a separate partition. |