Skip to content

VMware vSphere 8.0 ESXi Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The ESXi host must configure virtual switch security policies to reject forged transmits.

    <VulnDiscussion>If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send fr...
    Rule Medium Severity
  • SRG-OS-000480-VMM-002000

    <GroupDescription></GroupDescription>
    Group
  • The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.

    &lt;VulnDiscussion&gt;If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC addr...
    Rule High Severity
  • SRG-OS-000480-VMM-002000

    <GroupDescription></GroupDescription>
    Group
  • The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.

    &lt;VulnDiscussion&gt;When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potenti...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules