UCF STIG Viewer Logo

Access to the management network must be strictly controlled.


Overview

Finding ID Version Rule ID IA Controls Severity
ESXI5-VMNET-000024 ESXI5-VMNET-000024 ESXI5-VMNET-000024_rule Low
Description
Based upon a local site-specific risk assessment, jump boxes that run vSphere Client and other management clients (e.g., VSphere Management Assistant) must be configured. The management network must be isolated in order to prevent access by internal and external, unauthorized personnel.
STIG Date
VMware ESXi v5 Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-ESXI5-VMNET-000024_chk )
Ask the SA if a management network jump box has been implemented and documented. Ask to see the documentation. Note that this check refers to an entity outside the scope of the ESXi-v5 server system.

If a management network jump box has not been implemented or documented, this is a finding.
Fix Text (F-ESXI5-VMNET-000024_fix)
Implement and document a management network jump box solution.
Note that this check refers to an entity outside the scope of the ESXi-v5 server system.