STIGQter: STIG Summary: VMware ESX 3 Virtual Center Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The service console and virtual machines are not on dedicated VLANs or network segments.

DISA Rule

SV-16741r1_rule

Vulnerability Number

V-15802

Group Title

Virtual machines are not on dedicated VLAN.

Rule Version

ESX0130

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure separate VLANs or network segments for the service console and virtual machine traffic.

Check Contents

1. Log into VirtualCenter with the VI Client and select the ESX server from the inventory panel.
The hardware configuration page for the server appears.
2. Click the Configuration tab, and click Networking.
3. Examine the virtual switches and their respective VLAN IDs. A separate VLAN ID should be configured for the service console and virtual machine traffic. If the virtual machines and service console are on the same VLAN ID, this is a finding.

Documentable

False

Severity Override Guidance

1. Log into VirtualCenter with the VI Client and select the ESX server from the inventory panel.
The hardware configuration page for the server appears.
2. Click the Configuration tab, and click Networking.
3. Examine the virtual switches and their respective VLAN IDs. A separate VLAN ID should be configured for the service console and virtual machine traffic. If the virtual machines and service console are on the same VLAN ID, this is a finding.

Check Content Reference

M

Responsibility

[Virtual Server Administrator]

Target Key

1428

Comments