STIGQter STIGQter: STIG Summary:

VMware vSphere 6.7 PostgreSQL Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 09 Mar 2021

CheckedNameTitle
SV-239196r717045_ruleVMware Postgres must limit the number of connections.
SV-239197r717050_ruleVMware Postgres log files must contain required fields.
SV-239198r717049_ruleVMware Postgres configuration files must not be accessible by unauthorized users.
SV-239199r717051_ruleVMware Postgres must be configured to overwrite older logs when necessary.
SV-239200r717052_ruleVMware Postgres database must protect log files from unauthorized access and modification.
SV-239201r717053_ruleAll VCDB tables must be owned by the "vc" user account.
SV-239202r717054_ruleVMware Postgres must limit modify privileges to authorized accounts.
SV-239203r678982_ruleVMware Postgres must be configured to use the correct port.
SV-239204r717055_ruleVMware Postgres must require authentication on all connections.
SV-239205r717059_ruleVMware Postgres must be configured to use TLS.
SV-239206r717057_ruleVMware Postgres must enforce authorized access to all PKI private keys.
SV-239207r717058_ruleVMware Postgres must use FIPS 140-2 approved TLS ciphers.
SV-239208r717060_ruleVMware Postgres must write log entries to disk prior to returning operation success or failure.
SV-239209r717061_ruleVMware Postgres must not allow schema access to unauthorized accounts.
SV-239211r717062_ruleVMware Postgres must provide non-privileged users with minimal error information.
SV-239212r717063_ruleVMware Postgres must have log collection enabled.
SV-239213r717065_ruleVMware Postgres must be configured to log to stderr.
SV-239214r717064_ruleRsyslog must be configured to monitor VMware Postgres logs.
SV-239215r717066_ruleVMware Postgres must use Coordinated Universal Time (UTC) for log timestamps.
SV-239216r717067_ruleVMware Postgres must set client-side character encoding to UTF-8.