VCRP-67-000001 – The rhttpproxy must drop connections to disconnected clients.
Details The rhttpproxy client connections that are established but no longer connected can consume resources that might otherwise be required...
- Home
- Security Hardening
- DISA STIG VMware vSphere 6.7 RhttpProxy V1R1
DISA STIG VMware vSphere 6.7 RhttpProxy V1R1
VCRP-67-000002 – The rhttpproxy must set a limit on established connections.
Details The rhttpproxy client connections must be limited to preserve system resources and continue servicing connections without interruption. Without a...VCRP-67-000003 – The rhttpproxy must be configured to operate solely with FIPS ciphers.
Details The rhttpproxy ships with FIPS 140-2 validated OpenSSL cryptographic libraries and is configured by default to run in FIPS...VCRP-67-000004 – The rhttpproxy must use cryptography to protect the integrity of remote sessions.
Details The rhttpproxy can be configured to support TLS 1.0, 1.1 and 1.2. Due to intrinsic problems in TLS 1.0...VCRP-67-000005 – The rhttpproxy must produce log records containing sufficient information to establish the source of events.
Details After a security incident has occurred, investigators will often review log files to determine what happened, and determining the...VCRP-67-000006 – The rhttpproxy must have logging enabled.
Details After a security incident has occurred, investigators will often review log files to determine what happened. The rhttpproxy must...VCRP-67-000007 – The rhttpproxy private key file must be protected from unauthorized access.
Details The rhttpproxy’s private key is used to prove the identity of the server to clients and securely exchange the...VCRP-67-000008 – The rhttproxy must exclusively use the HTTPS protocol for client connections – certificate
Details Remotely accessing vCenter via the rhttpproxy involves sensitive information going over the wire. To protect the confidentiality and integrity...VCRP-67-000008 – The rhttproxy must exclusively use the HTTPS protocol for client connections – privateKey
Details Remotely accessing vCenter via the rhttpproxy involves sensitive information going over the wire. To protect the confidentiality and integrity...VCRP-67-000008 – The rhttproxy must exclusively use the HTTPS protocol for client connections – vecsServerName
Details Remotely accessing vCenter via the rhttpproxy involves sensitive information going over the wire. To protect the confidentiality and integrity...