| If the organization is not using products that use the dvFilter network API, the host should not be configured to send network information to a virtual machine (VM).
If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.
If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank. |