VMware vSphere 8.0 Virtual Machine Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Virtual machines (VMs) must disable access through the "dvfilter" network Application Programming Interface (API).
<VulnDiscussion>An attacker might compromise a VM by using the "dvFilter" API. Configure only VMs that need this access to use the API.</V...Rule Low Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
Virtual machines (VMs) must be configured to lock when the last console connection is closed.
<VulnDiscussion>When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
Virtual machines (VMs) must disable 3D features when not required.
<VulnDiscussion>For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functi...Rule Low Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
Virtual machines (VMs) must enable encryption for vMotion.
<VulnDiscussion>vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMo...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group -
Virtual machines (VMs) must enable encryption for Fault Tolerance.
<VulnDiscussion>Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU in...Rule Medium Severity -
SRG-OS-000480-VMM-002000
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.