VMCH-06-000043 – The system must use templates to deploy VMs whenever possible.

Details

By capturing a hardened base operating system image (with no applications installed) in a template, ensure all virtual machines are created with a known baseline level of security. Then use this template to create other, application-specific templates, or use the application template to deploy virtual machines. Manual installation of the OS and applications into a VM introduces the risk of misconfiguration due to human or process error.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Create hardened virtual machine templates to use for OS deployments.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_Virtual_Machine_V1R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

800-53|CM-6b.
CAT|III
CCI|CCI-000366
Group-ID|V-64121
Rule-ID|SV-78611r1_rule
STIG-ID|VMCH-06-000043
Vuln-ID|V-64121

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles