The operating system must prevent public access into an organization's internal networks, except as appropriately mediated by managed interfaces employing boundary protection devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-OS-000146-ESXI5-PNF | SRG-OS-000146-ESXI5-PNF | SRG-OS-000146-ESXI5-PNF_rule | Medium |
| Description |
|---|
| Access into an organization's internal network and to key internal boundaries must be tightly controlled and managed. In the case of the operating system, the key boundary may be the workstation on the public internet. Applicable, but permanent not-a-finding - Host (ESXi Server) isolation on a separate, non-routed, management network is required. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-SRG-OS-000146-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-SRG-OS-000146-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |