Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-94613 | VMCH-65-000028 | SV-104443r1_rule | Medium |
Description |
---|
Ensure that no device is connected to a virtual machine if it is not required. For example, floppy, serial and parallel ports are rarely used for virtual machines in a datacenter environment, and CD/DVD drives are usually connected only temporarily during software installation. |
STIG | Date |
---|---|
VMware vSphere 6.5 Virtual Machine Security Technical Implementation Guide | 2019-10-01 |
Check Text ( C-93803r1_chk ) |
---|
From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no floppy device is connected. or From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command: Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState If a virtual machine has a floppy drive connected, this is a finding. |
Fix Text (F-100731r1_fix) |
---|
If the floppy drive is required to be present, then from the vSphere Client right-click the Virtual Machine and go to Edit Settings, make sure the drive is not connected and will not "Connect at power on". If the floppy drive is not required, then from the vSphere Client power off the virtual machine, right-click the Virtual Machine and go to Edit Settings, select the floppy drive and click the circle-x to remove then OK. or From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command: Get-VM "VM Name" | Get-FloppyDrive | Remove-FloppyDrive |