Access to the management network must be strictly controlled through a network jump box.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-39401 | ESXI5-VMNET-000024 | SV-51259r1_rule | Medium |
| Description |
|---|
| Based upon an organization's risk assessment, jump boxes that run vSphere Client and other management clients (e.g., VSphere Management Assistant) must be configured. The management network must be isolated in order to prevent access by internal and external, unauthorized personnel. |
| STIG | Date |
|---|---|
| VMware ESXi Server 5.0 Security Technical Implementation Guide | 2017-01-06 |
Details
| Check Text ( C-46675r1_chk ) |
|---|
| Ask the SA if a management network jump box has been implemented and documented. Ask to see the documentation. Note that this check refers to an entity outside the scope of the ESXi server system. If a management network jump box has not been implemented or documented, this is a finding. |
| Fix Text (F-44414r1_fix) |
|---|
| Implement and document a management network jump box solution. Note that this check refers to an entity outside the scope of the ESXi server system. |