Details
The vSphere management network provides access to the vSphere management interface on each component. Services listening on the management interface give an attacker an opportunity to gain privileged access to the systems, so any remote attack would most likely begin by gaining entry to this network. Management traffic must therefore be carried on its own VMkernel adapter and VLAN, logically separated from other traffic.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.
Select the Management VMkernel and click ‘Edit’.
On the Port properties tab, uncheck everything but ‘Management.’
On the IP Settings tab, enter the appropriate IP address and subnet information and click ‘OK’.
To set the appropriate VLAN ID, go to Configure >> Networking >> Virtual switches.
Select the Management portgroup and click ‘Edit’.
On the properties tab, enter the appropriate VLAN ID and click ‘OK’.
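Because Nessus does not automate this check, the following VMware PowerCLI script is an added example, not part of the Tenable audit or the DISA STIG, that audits the same two conditions the Solution steps configure by hand (the management VMkernel carries only management traffic, and its portgroup sits on the dedicated management VLAN) and optionally remediates them. It assumes an existing Connect-VIServer session, a standard vSwitch, and that the VLAN ID you pass in is the one your environment has assigned to management; the host name and VLAN 100 in the usage note are placeholders.

```powershell
# Added example (not from Tenable or DISA): audit/remediate ESXI-67-000049 with PowerCLI.
# Assumes Connect-VIServer has already been run against vCenter or the host.
param(
    [Parameter(Mandatory)][string]$VMHostName,
    [Parameter(Mandatory)][int]$ManagementVlanId,   # assumption: your dedicated management VLAN
    [switch]$Remediate
)

$vmhost   = Get-VMHost -Name $VMHostName
$findings = @()

# Every VMkernel adapter tagged for management traffic must carry nothing else.
$mgmtVmks = Get-VMHostNetworkAdapter -VMHost $vmhost -VMKernel |
    Where-Object { $_.ManagementTrafficEnabled }

if (-not $mgmtVmks) {
    $findings += "no VMkernel adapter has Management traffic enabled; verify the host configuration"
}

foreach ($vmk in $mgmtVmks) {
    # These are the service checkboxes PowerCLI exposes on the Port properties tab.
    $extra = @()
    if ($vmk.VMotionEnabled)               { $extra += 'vMotion' }
    if ($vmk.FaultToleranceLoggingEnabled) { $extra += 'Fault Tolerance logging' }
    if ($vmk.VsanTrafficEnabled)           { $extra += 'vSAN' }

    if ($extra.Count -gt 0) {
        $findings += "$($vmk.Name): management shares the adapter with $($extra -join ', ')"
        if ($Remediate) {
            # Mirrors "uncheck everything but Management" on the Port properties tab.
            Set-VMHostNetworkAdapter -VirtualNic $vmk -VMotionEnabled $false `
                -FaultToleranceLoggingEnabled $false -VsanTrafficEnabled $false `
                -Confirm:$false | Out-Null
        }
    }

    # Mirrors "enter the appropriate VLAN ID" on the Management portgroup of a standard vSwitch.
    $pg = Get-VirtualPortGroup -VMHost $vmhost -Name $vmk.PortGroupName -Standard `
            -ErrorAction SilentlyContinue
    if ($null -eq $pg) {
        $findings += "$($vmk.Name): portgroup '$($vmk.PortGroupName)' is not on a standard vSwitch; " +
                     "check the distributed portgroup VLAN manually"
    } elseif ($pg.VLanId -ne $ManagementVlanId) {
        $findings += "$($vmk.Name): portgroup '$($pg.Name)' is on VLAN $($pg.VLanId), expected $ManagementVlanId"
        if ($Remediate) {
            Set-VirtualPortGroup -VirtualPortGroup $pg -VLanId $ManagementVlanId -Confirm:$false | Out-Null
        }
    }
}

if ($findings.Count -eq 0) {
    "$VMHostName : management VMkernel(s) carry only management traffic on VLAN $ManagementVlanId"
} else {
    $findings | ForEach-Object { "$VMHostName : FINDING - $_" }
}
```

Run it as, for example, `.\Check-MgmtIsolation.ps1 -VMHostName esxi01.example.com -ManagementVlanId 100` (both values are placeholders), adding `-Remediate` only after confirming the output. Two caveats: PowerCLI's VMkernel cmdlets do not expose every service tag shown in the client (Provisioning, vSphere Replication and similar must be checked in the client or through the vSphere API), and a correct VLAN ID on the portgroup only proves the host side of the isolation; the upstream physical switch and the rest of the management segment still have to be reviewed as the benchmark describes.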
Supportive Information
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection. This control applies to the following type of system: VMware.
References
- 800-53|SC-8
- CAT|II
- CCI|CCI-002418
- Rule-ID|SV-239304r674841_rule
- STIG-ID|ESXI-67-000049
- Vuln-ID|V-239304