Skip to content
Log In

VMware vSphere 8.0 vCenter Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000065

    Group
    Show

  • The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.

    By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the a...
    Rule Medium Severity
    Show

  • SRG-APP-000068

    Group
    Show

  • SRG-APP-000095

    Group
    Show

  • The vCenter Server must produce audit records containing information to establish what type of events occurred.

    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000148

    Group
    Show

  • SRG-APP-000080

    Group
    Show

  • The vCenter Server must require multifactor authentication.

    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve authentica...
    Rule Medium Severity
    Show

  • SRG-APP-000164

    Group
    Show

  • The vCenter Server passwords must be at least 15 characters in length.

    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexity, or strength, is a measure of the effectivene...
    Rule Medium Severity
    Show

  • SRG-APP-000165

    Group
    Show

  • SRG-APP-000166

    Group
    Show

  • SRG-APP-000167

    Group
    Show

  • The vCenter Server passwords must contain at least one lowercase character.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000168

    Group
    Show

  • SRG-APP-000169

    Group
    Show

  • SRG-APP-000172

    Group
    Show

  • The vCenter Server must enable FIPS-validated cryptography.

    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements. In vSphere 6.7 and later, ESXi and vCenter Se...
    Rule High Severity
    Show

  • SRG-APP-000174

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules