Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Access to the management network must be strictly controlled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| ESXI5-VMNET-000024 | ESXI5-VMNET-000024 | ESXI5-VMNET-000024_rule | Low |
| Description |
|---|
| Based upon a local site-specific risk assessment, jump boxes that run vSphere Client and other management clients (e.g., VSphere Management Assistant) must be configured. The management network must be isolated in order to prevent access by internal and external, unauthorized personnel. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-ESXI5-VMNET-000024_chk ) |
|---|
| Ask the SA if a management network jump box has been implemented and documented. Ask to see the documentation. Note that this check refers to an entity outside the scope of the ESXi-v5 server system. If a management network jump box has not been implemented or documented, this is a finding. |
| Fix Text (F-ESXI5-VMNET-000024_fix) |
|---|
| Implement and document a management network jump box solution. Note that this check refers to an entity outside the scope of the ESXi-v5 server system. |