Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-90115 | VRAU-TC-000710 | SV-100765r1_rule | High |
Description |
---|
Remote access to the web server is any access that communicates through an external, non-organization-controlled network. Remote access can be used to access hosted applications or to perform management functions. A web server can be accessed remotely and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. vRealize Automation can be configured with a variety of authentication sources. Site policies and procedures will dictate the appropriate authentication mechanism. |
STIG | Date |
---|---|
VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide | 2018-10-12 |
Check Text ( C-89807r1_chk ) |
---|
Obtain the correct configuration data for the Authentication Source from the ISSO. Open a web browser, and type in the vRA URL. 1. Log on to the Tenant Administration Portal. 2. Click on Administration >> Directories Management. 3. Click on "Policies". 4. Click on the "Policy Set" link. 5. Verify that User Authentication is configured correctly. If the Authentication Source is not configured in accordance with site policy, this is a finding. |
Fix Text (F-96857r1_fix) |
---|
Obtain the correct configuration data for the Authentication Source from the ISSO. Open a web browser, and type in the vRA URL. 1. Log on to the Tenant Administration Portal. 2. Click on Administration >> Directories Management. 3. Click on "Policies". 4. Click on the "Policy Set" link. 5. Modify the Authentication Source in accordance with site policy. |