VMware vSphere 7.0 vCenter Appliance RhttpProxy Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000001-WSR-000001
Group -
Envoy must drop connections to disconnected clients.
Envoy client connections that are established but no longer connected can consume resources that might otherwise be required by active connections. It is a best practice to terminate connections th...Rule Medium Severity -
SRG-APP-000001-WSR-000001
Group -
SRG-APP-000014-WSR-000006
Group -
Envoy must be configured to operate in FIPS mode.
Envoy ships with FIPS 140-2 validated OpenSSL cryptographic libraries and is configured by default to run in FIPS mode. This module is used for all cryptographic operations performed by Envoy, incl...Rule Medium Severity -
SRG-APP-000015-WSR-000014
Group -
SRG-APP-000176-WSR-000096
Group -
The Envoy private key file must be protected from unauthorized access.
Envoy's private key is used to prove the identity of the server to clients and securely exchange the shared secret key used to encrypt communications between the web server and clients. By gaini...Rule Medium Severity -
SRG-APP-000315-WSR-000003
Group -
Envoy must exclusively use the HTTPS protocol for client connections.
Remotely accessing vCenter via Envoy involves sensitive information going over the wire. To protect the confidentiality and integrity of these communications, Envoy must be configured to use an enc...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules