STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must employ a deny-all, allow-by-exception firewall policy for allowing connections to other systems.

DISA Rule

SV-100531r1_rule

Vulnerability Number

V-89881

Group Title

SRG-OS-000480-GPOS-00231

Rule Version

VRAU-SL-001550

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002080 - The organization employs either an allow-all, deny-by-exception or a deny-all, permit-by-exception policy for allowing organization-defined information systems to connect to external information systems.

Weight

10

Fix Recommendation

Configure the SLES for vRealize to employ a deny-all, allow-by-exception firewall policy for allowing connections to other systems.

Check Contents

Check firewall configuration with the following command:

iptables --list|grep -e OUTPUT -e INPUT -e FORWARD

If employ a deny-all, allow-by-exception firewall policy for allowing connections to other systems, this is a finding.

Vulnerability Number

V-89881

Documentable

False

Rule Version

VRAU-SL-001550

Severity Override Guidance

Check firewall configuration with the following command:

iptables --list|grep -e OUTPUT -e INPUT -e FORWARD

If employ a deny-all, allow-by-exception firewall policy for allowing connections to other systems, this is a finding.

Check Content Reference

M

Target Key

3459

Comments