Compliance

On January 16, 2020, the Defense Information Systems Agency has made available the second update to VMware vSphere 6.5 STIGs released in 2019. VMware vSphere 6.5 STIG Version 1, Release 3 includes updates to both the ESXi and the vCenter Server STIGs. Per the revision history provided in the updated STIG download, the following changes were made: VMware vSphere 6.5 ESXi STIG V-94505, V-94507, V-94529, V-94531, V-94543, V-94545 - Added N/A statement when host profiles are not used to join AD These STIGs checks all relate to the authentication of users to ESXi using Active Directory.

On October 25, 2019, the Defense Information Systems Agency has made available the first updates to VMware vSphere 6.5 STIGs released earlier this year. VMware vSphere 6.5 STIG Version 1, Release 2 includes updates to both the ESXi and the Virtual Machine STIGs. Per the revision history provided in the updated STIG download, the following changes were made: VMware vSphere 6.5 ESXi STIG V-94491, V-94493, V-94495, V-94497, V94499, V-94501, V-94503, V-94513, V94515,V-94517, V-94519, V-94521, V94523, V-94525, V-94527, V-94537, V94539, V-94541, V-94551, V-94553, V94555, V-94557, V-94049 - Removed multiple duplicate requirements in ESXi STIG.

As a follow-up to my previous post providing alert content for the VMware vSphere 6.5 Virtual Machine STIG Version 1, Release 1, I have also put together new alert content for the VMware vSphere 6.5 ESXi STIG Version 1, Release 1. See the link at the bottom of the page to download the alert content XML. The following STIG items cannot be verified by vRealize Operations because the checks are user process related, the configuration values are not currently collected by vRealize Operations, or the checks involve non-VMware assets (e.

With the recent release of the VMware vSphere 6.5 Virtual Machine STIG Version 1, Release 1, I needed to create new vRealize Operations alert content to verify compliance of my virtual machines. Combined with the automated alert remediation process I described in a previous post, ensuring compliance with the new STIG requirements is easy. See the link at the bottom of the page to download the alert content XML. Unfortunately, the following STIG items can’t be verified by vRealize Operations either because the checks are user process related or the configuration values aren’t currently collected by vRealize Operations:

Update: On Oct 25, 2019, DISA released the first update to the VMware vSphere 6.5 STIGs As of today, the Defense Information Systems Agency has made available the first STIGs for VMware vSphere 6.5. These STIGs can be downloaded from DoD Cyber Exchange here: DISA Virtualization STIG Downloads. The VMware vSphere 6.5 STIG ZIP file contains the following: VMware vSphere 6.5 Version 1 Release 1 - Overview PDF VMware vSphere 6.