VMware NSX-T SDN Controller Security Technical Implementation Guide

Quick Actions

We are continuing to improve Stigviewer and we are planning on rolling out new services in the near future. Would you like to be part of the conversation on what those features should be? If so, click here.

Featured Partners

Web page built by Cyber Protection Services

Check out our new AI-powered GRC tool here .
Compliance Dictionary

Standardizes and unifies compliance terms.

Overview

Version	Date	Finding Count (2)			Downloads
1	2022-03-09	CAT I (High): 0	CAT II (Medium): 2	CAT III (Low): 0	Excel JSON XML

Stig Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive	II - Mission Critical Classified	II - Mission Critical Public	II - Mission Critical Sensitive	III - Mission Critical Classified	III - Mission Critical Public	III - Mission Critical Sensitive

Findings - All

Finding ID	Severity	Title	Description
V-251735	Medium	The NSX-T Controller cluster must be on separate physical hosts.	SDN relies heavily on control messages between a controller and the forwarding devices for network convergence. The controller uses node and link state discovery information to calculate and determine optimum pathing within the SDN network infrastructure based on application, business, and security policies. Operating in the proactive flow instantiation mode,...
V-251734	Medium	The NSX-T Controller must be configured as a cluster in active/active mode to preserve any information necessary to determine cause of a system failure and to maintain network operations with least disruption to workload processes and flows.	Failure in a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the SDN controller. Preserving network element state information helps...

STIG VIEWER