ESXI-67-000057 – The ESXi host must configure the firewall to block network traffic by default – incoming

Details

In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by making sure this is set to deny incoming and outgoing traffic.

Solution

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

800-53|CM-6b.
CAT|II
CCI|CCI-000366
Rule-ID|SV-239311r674862_rule
STIG-ID|ESXI-67-000057
STIG-Legacy|SV-104147
STIG-Legacy|V-94061
Vuln-ID|V-239311

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles