UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VMware vSphere 8.0 Virtual Machine Security Technical Implementation Guide


Overview

Date Finding Count (25)
2023-10-11 CAT I (High): 0 CAT II (Med): 17 CAT III (Low): 8
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Sensitive)

Finding ID Severity Title
V-258725 Medium Virtual machines (VMs) must remove unneeded serial devices.
V-258724 Medium Virtual machines (VMs) must remove unneeded parallel devices.
V-258727 Medium Virtual machines (VMs) must disable DirectPath I/O devices when not required.
V-258726 Medium Virtual machines (VMs) must remove unneeded USB devices.
V-258721 Medium Virtual machines (VMs) must not use independent, nonpersistent disks.
V-258720 Medium Virtual machines (VMs) must enable logging.
V-258722 Medium Virtual machines (VMs) must remove unneeded floppy devices.
V-258707 Medium Virtual machines (VMs) must have virtual disk wiping disabled.
V-258706 Medium Virtual machines (VMs) must have virtual disk shrinking disabled.
V-258708 Medium Virtual machines (VMs) must limit console sharing.
V-258714 Medium Virtual machines (VMs) must be configured to lock when the last console connection is closed.
V-258716 Medium Virtual machines (VMs) must enable encryption for vMotion.
V-258717 Medium Virtual machines (VMs) must enable encryption for Fault Tolerance.
V-258710 Medium Virtual machines (VMs) must prevent unauthorized removal, connection, and modification of devices.
V-258711 Medium Virtual machines (VMs) must not be able to obtain host information from the hypervisor.
V-258718 Medium Virtual machines (VMs) must configure log size.
V-258719 Medium Virtual machines (VMs) must configure log retention.
V-258723 Low Virtual machines (VMs) must remove unneeded CD/DVD devices.
V-258705 Low Virtual machines (VMs) must have paste operations disabled.
V-258704 Low Virtual machines (VMs) must have drag and drop operations disabled.
V-258703 Low Virtual machines (VMs) must have copy operations disabled.
V-258709 Low Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.
V-258715 Low Virtual machines (VMs) must disable 3D features when not required.
V-258712 Low Virtual machines (VMs) must have shared salt values disabled.
V-258713 Low Virtual machines (VMs) must disable access through the "dvfilter" network Application Programming Interface (API).