The NSX Manager must assign users/accounts to organization-defined roles configured with approved authorizations.

An XCCDF Rule

Description

<VulnDiscussion>The lack of authorization-based access control could result in the immediate compromise and unauthorized access to sensitive information. Users must be assigned to roles which are configured with approved authorizations and access permissions. The NSX Manager must be configured granularly based on organization requirements to only allow authorized administrators to execute privileged functions. Role assignments should control which administrators can view or change the device configuration, system files, and locally stored audit information.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-263203r977376_rule
Severity: High
References: CCI-000163 CCI-000164 CCI-000213 CCI-000345 CCI-001199 CCI-001368 CCI-001499 CCI-001812 CCI-001813 CCI-002169 CCI-002235 CCI-002883
Updated: 19 days ago

To create a new role with reduced permissions, do the following:

From the NSX Manager web interface, go to System >> Settings >> User Management >> Roles.

Click "Add Role", provide a name and the required permissions, and then click "Save".
To update user or group permissions to an existing role with reduced permissions, do the following:

From the NSX Manager web interface, go to System >> User Management >> User Role Assignment.

Click the menu dropdown next to the target user or group and select "Edit".

Remove the existing role, select the new one, and then click "Save".

The NSX Manager must assign users/accounts to organization-defined roles configured with approved authorizations.

Description

Remediation - Manual Procedure