VMware vSphere 7.0 ESXi Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-VMM-002000
Group -
SRG-OS-000480-VMM-002000
Group -
The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.
X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.Rule Medium Severity -
SRG-OS-000480-VMM-002000
Group -
The ESXi host Secure Shell (SSH) daemon must not permit tunnels.
OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar ris...Rule Medium Severity -
SRG-OS-000480-VMM-002000
Group -
The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.
Setting a timeout ensures that a user login will be terminated as soon as the "ClientAliveCountMax" is reached.Rule Low Severity -
SRG-OS-000480-VMM-002000
Group -
The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.
Automatically logging out idle users guards against compromises via hijacked administrative sessions.Rule Low Severity -
SRG-OS-000037-VMM-000150
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.