VMware vSphere 7.0 ESXi Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The ESXi host must verify the exception users list for lockdown mode.
While a host is in lockdown mode (strict or normal), only users on the "Exception Users" list are allowed access. These users do not lose their permissions when the host enters lockdown mode. The...Rule Medium Severity -
SRG-OS-000032-VMM-000130
Group -
SRG-OS-000021-VMM-000050
Group -
The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.
By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is ...Rule Medium Severity -
SRG-OS-000329-VMM-001180
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules