VMware vSphere 7.0 ESXi Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The ESXi host rhttpproxy daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.

    ESXi runs a reverse proxy service called rhttpproxy that front ends internal services and application programming interfaces (APIs) over one HTTPS port by redirecting virtual paths to localhost por...
    Rule Medium Severity
  • SRG-OS-000480-VMM-002000

    Group
  • The ESXi host must be configured with an appropriate maximum password age.

    The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or reuse a previously cracked password. Rotating passwords on a regular basis is a fu...
    Rule Medium Severity
  • SRG-OS-000480-VMM-002000

    Group
  • SRG-OS-000480-VMM-002000

    Group
  • SRG-OS-000480-VMM-002000

    Group
  • The ESXi host must require TPM-based configuration encryption.

    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in oth...
    Rule Medium Severity
  • SRG-OS-000480-VMM-002000

    Group
  • The ESXi host must implement Secure Boot enforcement.

    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature....
    Rule Medium Severity
  • SRG-OS-000480-VMM-002000

    Group
