STIGQter: STIG Summary: VMware vSphere 6.7 vCenter Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

The vCenter Server must implement Active Directory authentication.

DISA Rule

SV-243079r719480_rule

Vulnerability Number

V-243079

Group Title

SRG-APP-000153

Rule Version

VCTR-67-000009

Severity

CAT II

CCI(s)

• CCI-000770 - The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Weight

10

Fix Recommendation

From the vSphere Web Client go to Administration >> Single Sign-On >> Configuration.

Click the "Add identity source".

Select either "Active Directory over LDAP" or "Active Directory (Windows Integrated Authentication)" and configure appropriately.

Note: Windows Integrated Authentication requires that the vCenter server be joined to AD before configuration via Administration >> Single Sign-On >> Configuration >> Active Directory Domain.

Check Contents

From the vSphere Web Client, go to Administration >> Single Sign-On >> Configuration.

Click the "Identity Sources" tab.

If there is no identity source of type "Active Directory" (either Windows Integrated Authentication or LDAP), this is a finding.

Vulnerability Number

V-243079

Documentable

False

Rule Version

VCTR-67-000009

Severity Override Guidance

From the vSphere Web Client, go to Administration >> Single Sign-On >> Configuration.

Click the "Identity Sources" tab.

If there is no identity source of type "Active Directory" (either Windows Integrated Authentication or LDAP), this is a finding.

Check Content Reference

M

Target Key

5399

Comments