Enable remote syslog
Details Security log information could be modified or lost if the host is compromised or fails. Send syslog messages to...
- Home
- Security Hardening
- TNS Best Practice Citrix Hypervisor
TNS Best Practice Citrix Hypervisor
Ensure IP forwarding is disabled
Details Disable IP forwarding to prevent incoming packets from being forwarded. Solution Add net.ipv4.ip_forward=0 to /etc/sysctl.conf This security hardening control...External authentication is disabled
Details XenServer can integrate with Active Directory and grant AD groups access to XenServer roles. This integration may not be...Host version
Details The current XenServer version should be reviewed. NOTE: Nessus has provided the target output to assist in reviewing the...High availability is enabled
Details Multiple hosts can be joined to a resource pool to provide redundancy and improve availability of the services provided...Host is enabled
Details Enabled hosts can run VM guests. Solution A host may be disabled for maintenance, or it may indicate an...Identify a network interface to be used for storage access
Details Network traffic for storage should be segregated from normal VM and management traffic to limit access and ensure reliable...Install a trusted CA certificate on the pool
Details Using a certificate on the pool allows encrypted communications with the pool master through SSL. This check verifies that...Install a trusted certificate in place of the default self-signed SSL certificate
Details A certificate from a trusted CA allows for secure identification of the XenServer host to XAPI clients such as...List bonded NIC groups
Details The list of bonded NICs should be reviewed. NOTE: Nessus has provided the target output to assist in reviewing...