Detections
Analytics
VCENTER-000027 - The system must set a timeout for all thick-client logins without activity.
Information
An inactivity timeout must be set for the vSphere Client (Thick Client). This client-side setting can be changed by users, so this must be set by default and re-audited. Automatic session termination minimizes risk and reduces the potential for unauthorized access to vCenter.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
On each Windows computer with the vSphere Client installed:Set a 15 minute (maximum) timeout in the VpxClient.exe.config file:
Locate the VpxClient.exe.config file using the Windows OS search facility. Next, right click on VpxClient.exe.config and edit the file using an editor, such as Notepad. In the <cmdlineFallback>... </cmdlineFallback> section, modify the <inactivityTimeout>X</inactivityTimeout> where X is the (maximum=15) number of minutes before the vSphere Client will automatically disconnect from the server. Exit, saving the file.
Set a 15 minute (maximum) timeout execution flag when starting the vSphere Client executable:
Locate the vSphere Client executable icon on the desktop, right click, and select properties. Add '-inactivityTimeout X', where X is the (maximum=15) number of minutes before the vSphere Client will automatically disconnect from the server.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_ESXi5_vCenter_Server_V2R1_STIG.zip
Item Details
Audit Name: DISA STIG VMWare ESXi vCenter 5 STIG v2r1
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Group-ID|V-39563, Rule-ID|SV-250744r799922_rule, STIG-ID|VCENTER-000027, STIG-Legacy|SV-51421, STIG-Legacy|V-39563, Vuln-ID|V-250744
Plugin: VMware
Control ID: 368c85176ffde33941e57cc14e6dec5e53a91136b32f64f42af28056330b1c22