U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

VMware vSphere 6.0 vCenter Server for Windows STIG Ver 1, Rel 4 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
VMware vSphere 6.0 vCenter Server for Windows cpe:/a:vmware:vcenter_server:6.0 (View CVEs)

Checklist Highlights

Checklist Name:
VMware vSphere 6.0 vCenter Server for Windows STIG
Checklist ID:
690
Version:
Ver 1, Rel 4
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
01/27/2017

Checklist Summary:

The VMware vSphere 6.0 vCenter Server for Windows Security Technical Implementation Guide (STIG) provides security policy and configuration requirements for the vCenter Server management application running on Windows to manage VMware vSphere 6.0 ESXi hypervisors and hosted virtual machines. The VMware vSphere 6.0 vCenter Server for Windows STIG presumes the application is installed on a STIG-compliant Microsoft Windows server, using Active Directory services, in an environment compliant with all applicable DoD guidance.

Checklist Role:

  • Virtualization Server

Known Issues:

Not Provided

Target Audience:

The security requirements contained within this STIG are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls in a VMware vSphere environment centrally managed by a vCenter Server. This document is not a guide to Windows system administration.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoD Directive (DoDD) 8500.1 and 8500.2

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not Provided

Product Support:

Not Provided

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not Provided

Licensing:

Not Provided

Change History: 

Updated to FINAL - 09/12/2016
Updated to Ver 1, Rel 3 - 01/27/2017
Updated to FINAL - 03/13/2017
Updated URL to reflect change to the DISA website - http --> https
Updated URLs - 6/14/19
Sunset per DISA - 11/25/19

Dependency/Requirements:

URL Description

References:

Reference URL Description
https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/U_VMWare_vSphere_6-0_V1R1_Overview.pdf Sunset - VMware vSphere 6.0 Overview - Ver 1, Rel 1
https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/U_VMware_vSphere_6-0_STIGs_V1_Release_Memo.pdf VMware vSphere 6.0 STIG Release Memo

NIST checklist record last modified on 11/25/2019