The operating system must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service attacks.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-000142-ESXI5-PNF | SRG-OS-000142-ESXI5-PNF | SRG-OS-000142-ESXI5-PNF_rule | Medium |
| Description |
|---|
| In the case of Denial of Service attacks, care must be taken when designing the operating system so as to ensure that the operating system makes the best use of system resources. Permanent not a finding - ESXi is a hypervisor and (by definition) this is the base function. Resource limits are employed. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-000142-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-SRG-OS-000142-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |