Virtual machines are connected to public virtual switches and are not documented.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15806 | ESX0170 | SV-16745r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Public virtual switches are bound to physical NICs providing virtual machines connectivity to the physical network, whereas connecting physical servers to the LAN usually requires a cable. Virtual network configuration is much easier since once a virtual machine is attached to a virtual switch, these machines are able to send and receive packets. Care must be taken as to which virtual machines have access to the physical network through the public virtual switches. The master configuration file for virtual switches is the esx.conf file. |
| STIG | Date |
|---|---|
| VMware ESX 3 Virtual Center | 2016-05-03 |
Details
| Check Text ( C-16029r1_chk ) |
|---|
| 1. Request the documentation for all virtual machines connected to public virtual switches. If no documentation exists or the documentation is not accurate, this is a finding. 2. Log into VirtualCenter with the VI Client, and select the ESX server from the inventory panel. The hardware configuration page for the server appears. 3. Click the Configuration tab, and click Networking. 4. Review all virtual switches that have virtual machines connected to them that may access the external network. Compare the actual configuration to the documentation and verify that no discrepancies exist. If so, this is a finding. |
| Fix Text (F-15749r1_fix) |
|---|
| Document all virtual machines that need access to public virtual switches. |