Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
ESXI5-VM-000032 | ESXI5-VM-000032 | ESXI5-VM-000032_rule | | Medium |
Description |
---|
Disabling system components that are not needed to support the application or service running on the system reduces the number of parts that can be attacked. VMs often do not require as many services or functions as ordinary physical servers, so when virtualizing, evaluate whether a particular service or function is truly needed. Any service running in a VM provides a potential avenue of attack. |
STIG | Date |
---|---|
VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Check Text (C-ESXI5-VM-000032_chk) |
---|
This check is both site and mission specific. Steps must include disabling unused OS services and disconnecting unused physical devices, such as removable disk media drives and USB adaptors. Ask the SA if unused guest OS services and devices have been disabled and/or disconnected, respectively. If unused guest OS services and devices have not been disabled and disconnected, this is a finding. |
Fix Text (F-ESXI5-VM-000032_fix) |
---|
Ensure all unused guest OS services and devices have been disabled and/or disconnected, respectively. The fix is site and mission specific. |