1.12 (L2) Host integrated hardware management controller must deactivate internal networking


Many servers have integrated hardware management controllers with the ability to present virtual network interfaces to ESXi as a management interface. These approaches create potential backdoors for access and are used by adversaries to circumvent network-based/perimeter firewalls, in either direction, and avoid observation by IDS/IPS/threat analysis tools. In many cases this functionality is not strictly necessary to manage hosts.

Using integrated hardware management controllers to present virtual network interfaces to ESXi can inadvertently create backdoors, allowing adversaries to bypass firewalls and evade detection by security tools; often, this functionality isn't essential for host management.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.



Disablement of internal networking may limit vendor management tool effectiveness.

Item Details


References: 800-53|CM-6, 800-53|CM-7, CSCv7|11.7

Plugin: VMware

Control ID: f4fe74f686f2007a1a6bbd3a0b4893aff324f57c3d2de76e02471e1f0f596468