VMWare vSphere 5.X Hardening Guide

Audit Details

Name: VMWare vSphere 5.X Hardening Guide

Updated: 7/24/2023

Authority: VMWare

Plugin: VMware

Revision: 1.35

Estimated Item Count: 215

File Details

Filename: VMware_vSphere_5.x_Hardening_Guide.audit

Size: 412 kB

MD5: af9c36b223be6c8e861000dccff7ed2a
SHA256: c3b1ec4b300b4298e759782c7b929c71ac4301f6588a526cd2945555d8aaa212

Audit Items

DescriptionCategories
ESXi : apply-patches
ESXi : config-firewall-access - 'Active Directory All blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'CIM Secure Server allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'CIM Server allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'CIM SLP allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'DHCP Client allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'DHCPv6 blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'DNS Client allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'DVFilter blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'DVSSync blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'Fault Tolerance blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'FTP Client blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'gdbserver blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'HBR allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'httpClient blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'IKED blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'NFC allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'NFS Client blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'NTP Client blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'SNMP Server allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'Software iSCSI Client blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'SSH Client blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'SSH Server allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'syslog blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'vCenter Update Manager blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'VM serial port connected over network blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'VM serial port connected to vSPC blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'vMotion allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'VMware vCenter Agent allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'vSphere Client allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'vSphere High Availability Agent blocked'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'vSphere Web Access allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-firewall-access - 'WOL allowed'

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : config-ntp

AUDIT AND ACCOUNTABILITY

ESXi : config-persistent-logs

AUDIT AND ACCOUNTABILITY

ESXi : config-snmp - 'snmp.receiver.X.community'

IDENTIFICATION AND AUTHENTICATION

ESXi : config-snmp - 'snmp.receiver.X.enabled'

CONFIGURATION MANAGEMENT

ESXi : create-local-admin
ESXi : disable-dcui

CONFIGURATION MANAGEMENT

ESXi : disable-esxi-shell

CONFIGURATION MANAGEMENT

ESXi : disable-mob
ESXi : disable-ssh

CONFIGURATION MANAGEMENT

ESXi : enable-ad-auth

IDENTIFICATION AND AUTHENTICATION

ESXi : enable-auth-proxy
ESXi : enable-chap-auth

IDENTIFICATION AND AUTHENTICATION

ESXi : enable-host-profiles
ESXi : enable-lockdown-mode
ESXi : enable-nfc-ssl

SYSTEM AND COMMUNICATIONS PROTECTION

ESXi : enable-remote-dump
ESXi : enable-remote-syslog

AUDIT AND ACCOUNTABILITY