Nutanix AOS 5.20.x Application Security Technical Implementation Guide
SRG-APP-000211-AS-000146
An XCCDF Group - A logical subset of the XCCDF Benchmark
1 Rule
Nutanix AOS must configure network traffic segmentation when using Disaster Recovery Services.
Medium Severity
Vulnerability discussion: The application server consists of the management interface and hosted applications, as well as cluster management functions. Separating the management interface from hosted applications prevents nonprivileged users from having visibility to functions not available to the user. Isolating cluster management functions ensures that cluster housekeeping tasks such as disaster recovery, replication, etc. function on their own network segment away from production traffic. Application server management functionality includes functions necessary to administer the application server and requires privileged access via one of the accounts assigned to a management role. The hosted application and hosted application functionality consists of the assets needed for the application to function, such as the business logic, databases, user authentication, etc. The separation of application server administration functionality from hosted application functionality is either physical or logical and is accomplished by using different computers, different central processing units, different instances of the operating system, network addresses, network ports, or combinations of these methods, as appropriate.
Documentable: false