STIGQter: STIG Summary: VMW vSphere 6.5 vCenter Server for Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021

The vCenter Server for Windows must disable the distributed virtual switch health check.

DISA Rule

SV-216834r612237_rule

Vulnerability Number

V-216834

Group Title

SRG-APP-000516

Rule Version

VCWN-65-000012

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

From the vSphere Web Client go to Networking >> Select a distributed switch >> Configure >> Settings >> Health Check. Click the "Edit" button and disable both health checks.

or

From a PowerCLI command prompt while connected to the vCenter server run the following command:
Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch "False"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}

Check Contents

From the vSphere Web Client go to Networking >> Select a distributed switch >> Configure >> Settings >> Health Check. View the health check pane and verify both checks are disabled.

or

From a PowerCLI command prompt while connected to the vCenter server run the following commands:
$vds = Get-VDSwitch
$vds.ExtensionData.Config.HealthCheckConfig

If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.
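
An added example (not part of the STIG text): the check command above lists the health check configuration of every switch without tying it to a switch name, so this function reports the enabled checks per distributed switch. The function name Test-VdsHealthCheckDisabled, the helper New-SampleSwitch, the status strings and the sample switch objects are assumptions constructed for illustration.

```powershell
# Added example for VCWN-65-000012; not part of the STIG text.
function Test-VdsHealthCheckDisabled {
    [CmdletBinding()]
    param(
        # Objects shaped like Get-VDSwitch output: Name + ExtensionData.Config.HealthCheckConfig
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$Switch
    )
    process {
        foreach ($s in $Switch) {
            # Each entry is one health check (VLAN/MTU or teaming) with a boolean Enable property
            $enabled = @($s.ExtensionData.Config.HealthCheckConfig | Where-Object { $_.Enable -eq $true })
            [pscustomobject]@{
                Switch        = $s.Name
                # Short type name, e.g. VMwareDVSTeamingHealthCheckConfig
                EnabledChecks = ($enabled | ForEach-Object { $_.PSObject.TypeNames[0] -replace '^.*\.', '' }) -join ', '
                # Enabled checks are a finding unless temporarily on for troubleshooting,
                # which a script cannot determine, so they are flagged for review.
                Status        = if ($enabled.Count -gt 0) { 'NeedsReview' } else { 'NotAFinding' }
            }
        }
    }
}

# Constructed sample objects with the same property shape; not data from a real vCenter.
function New-SampleSwitch([string]$Name, [bool]$VlanMtu, [bool]$Teaming) {
    $checks = @(
        [pscustomobject]@{ PSTypeName = 'VMware.Vim.VMwareDVSVlanMtuHealthCheckConfig'; Enable = $VlanMtu }
        [pscustomobject]@{ PSTypeName = 'VMware.Vim.VMwareDVSTeamingHealthCheckConfig'; Enable = $Teaming }
    )
    [pscustomobject]@{
        Name          = $Name
        ExtensionData = [pscustomobject]@{ Config = [pscustomobject]@{ HealthCheckConfig = $checks } }
    }
}

$sample = @(
    New-SampleSwitch 'dvs-constructed-01' $false $false
    New-SampleSwitch 'dvs-constructed-02' $true  $false
)
$sample | Test-VdsHealthCheckDisabled | Format-Table -AutoSize

# Live use, after Connect-VIServer: Get-VDSwitch | Test-VdsHealthCheckDisabled
```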

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4030
