VMware vSphere 8.0 vCenter Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000516
Group -
SRG-APP-000014
Group -
The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions.
Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol. In vCente...Rule Medium Severity -
SRG-APP-000516
Group -
The vCenter Server must disable accounts used for Integrated Windows Authentication (IWA).
If not used for their intended purpose, default accounts must be disabled. vCenter ships with several default accounts, two of which are specific to IWA and SASL/Kerberos authentication. If other m...Rule Medium Severity -
The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.
Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive ...Rule Medium Severity -
vCenter Server plugins must be verified.
The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Se...Rule Medium Severity -
The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.
To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. Organizational user...Rule Medium Severity -
The vCenter Server must prohibit password reuse for a minimum of five generations.
Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. To meet password policy requirements, passwords must be...Rule Medium Severity -
The vCenter Server passwords must contain at least one uppercase character.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.