VMware vSphere 8.0 ESXi Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must restrict use of the dvFilter network application programming interface (API).
<VulnDiscussion>If the organization is not using products that use the dvFilter network API, the host should not be configured to send networ...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.
<VulnDiscussion>When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without m...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must have all security patches and updates installed.
<VulnDiscussion>Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.</VulnD...Rule High Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.
<VulnDiscussion>Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need t...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.
<VulnDiscussion>The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.