VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000295-AS-000263
Group -
The vCenter STS service must set an inactive timeout for sessions.
Leaving sessions open indefinitely is a major security risk. An attacker can easily use an already authenticated session to access the hosted application as the previously authenticated user. By cl...Rule Medium Severity -
SRG-APP-000358-AS-000064
Group -
The vCenter STS service must offload log records onto a different system or media from the system being logged.
Information system logging capability is critical for accurate forensic analysis. Log record content that may be necessary to satisfy the requirement of this control includes, but is not limited to...Rule Medium Severity -
SRG-APP-000001-AS-000001
Group -
The vCenter STS service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive.
Denial of service (DoS) is one threat against web servers. Many DoS attacks attempt to consume web server resources in such a way that no more resources are available to satisfy legitimate requests...Rule Medium Severity -
SRG-APP-000001-AS-000001
Group -
The vCenter STS service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive.
KeepAlive provides long lived HTTP sessions that allow multiple requests to be sent over the same connection. Enabling KeepAlive mitigates the effects of several types of denial-of-service attacks....Rule Medium Severity -
SRG-APP-000251-AS-000165
Group -
SRG-APP-000033-AS-000024
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.