The operating system must use cryptography to protect the confidentiality of remote access sessions.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-OS-000033-ESXI5-PNF	SRG-OS-000033-ESXI5-PNF	SRG-OS-000033-ESXI5-PNF_rule		Medium

Description
Remote network access is accomplished by leveraging common communication protocols and establishing a remote connection. These connections will occur over the public Internet. Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Using cryptography ensures confidentiality of the remote access connections. Applicable, but permanent not-a-finding - No dial-up/wireless. SSH is encrypted. Auditing is enabled by default and cannot be configured. Access is monitored.

Description

Remote network access is accomplished by leveraging common communication protocols and establishing a remote connection. These connections will occur over the public Internet. Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Using cryptography ensures confidentiality of the remote access connections. Applicable, but permanent not-a-finding - No dial-up/wireless. SSH is encrypted. Auditing is enabled by default and cannot be configured. Access is monitored.

STIG	Date
VMware ESXi v5 Security Technical Implementation Guide	2013-01-15

Details

Check Text ( C-SRG-OS-000033-ESXI5-PNF_chk )
ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding.

Fix Text (F-SRG-OS-000033-ESXI5-PNF_fix)
This requirement is permanent not a finding. No fix is required.