STIGQter: STIG Summary: VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server HORIZON must use NSA Suite A cryptography when encrypting data that must be compartmentalized.

DISA Rule

SV-100799r1_rule

Vulnerability Number

V-90149

Group Title

SRG-APP-000416-WSR-000118

Rule Version

VRAU-TC-000820

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Navigate to and open /opt/vmware/horizon/workspace/conf/catalina.properties.

Navigate to the "bio-ssl.cipher.list" setting.

Configure "bio-ssl.cipher.list" with a list of NSA Suite A ciphers.

Check Contents

If the system is not implemented to process compartmentalized information, this requirement is Not Applicable.

At the command prompt, execute the following command:

grep bio-ssl.cipher.list /opt/vmware/horizon/workspace/conf/catalina.properties

If the value of "bio-ssl.cipher.list" does not match the list of NSA Suite A ciphers or is missing, this is a finding.

Vulnerability Number

V-90149

Documentable

False

Rule Version

VRAU-TC-000820

Severity Override Guidance

If the system is not implemented to process compartmentalized information, this requirement is Not Applicable.

At the command prompt, execute the following command:

grep bio-ssl.cipher.list /opt/vmware/horizon/workspace/conf/catalina.properties

If the value of "bio-ssl.cipher.list" does not match the list of NSA Suite A ciphers or is missing, this is a finding.

Check Content Reference

M

Target Key

3439

Comments