VMware vSphere 8.0 vCenter Appliance Envoy Security Technical Implementation Guide


Overview

Date Finding Count (5)
2023-10-29 CAT I (High): 0 CAT II (Med): 5 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Classified)

Finding ID Severity Title
V-259161 Medium The vCenter Envoy and Rhttpproxy service log files permissions must be set correctly.
V-259162 Medium The vCenter Envoy service private key file must be protected from unauthorized access.
V-259163 Medium The vCenter Rhttpproxy service log files must be sent to a central log server.
V-259164 Medium The vCenter Envoy service log files must be sent to a central log server.
V-259165 Medium The vCenter Envoy service must set a limit on remote connections.