) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
CIS Xen 3.2 Benchmark v1.0.0 Checklist Details (Checklist Revisions)
NOTE
This is not the current revision of this Checklist, view the current revision.
Supporting Resources:
-
Download Prose - CIS Xen 3.2 Benchmark v1.0.0
- Center for Internet Security (CIS)
Target:
| Target | CPE Name |
|---|---|
| Xen Virtualization Server 3.2.0 | cpe:/o:xen:xen:3.2.0 (View CVEs) |
Checklist Highlights
- Checklist Name:
- CIS Xen 3.2 Benchmark
- Checklist ID:
- 203
- Version:
- v1.0.0
- Type:
- Compliance
- Review Status:
- Final
- Authority:
- Third Party: Center for Internet Security (CIS)
- Original Publication Date:
- 05/01/2008
Checklist Summary:
This document is a general guide for securing Xen Virtualization Server 3.2 hosted on the Red Hat Enterprise Linux 5 platform. The document contains sections on the configuration of Xen virtual networks, hosts and devices. These sets of rules constitute a benchmark. This benchmark represents an industry consensus of best practices, listing steps to be taken and the reasons for each recommendation.
Checklist Role:
- Virtualization Server
Known Issues:
Not provided.
Target Audience:
While this document is intended for system administrators, it should be useful for anyone interested in the Xen server and virtual machine installation and configuration. We assume that the reader is a knowledgeable "system administrator". In the context of this document, a knowledgeable system administrator is defined as someone who can create and manage accounts and groups, set account policies and user rights, enable auditing and read audit logs, and who understands how operating systems perform access control. We further assume that the reader is familiar with Linux system administration. Consequently, no tutorial information is provided for Linux. Red Hat's web presence at http://www.redhat.com includes links an extensive array of Linux and Xen-related material.
Target Operational Environment:
- Managed
Testing Information:
Not provided.
Regulatory Compliance:
None available
Comments/Warnings/Miscellaneous:
Not provided.
Disclaimer:
The Center for Internet Security (CIS) provides benchmarks, scoring tools, software, data, information, suggestions, ideas, and other services and materials from the CIS website or elsewhere (Products) as a public service to Internet users worldwide. Recommendations contained in the Products (Recommendations) result from a consensus-building process that involves many security experts and are generally generic in nature. The Recommendations are intended to provide helpful information to organizations attempting to evaluate or improve the security of their networks, systems, and devices. Proper use of the Recommendations requires careful analysis and adaptation to specific user requirements. The Recommendations are not in any way intended to be a quick fix for anyones information security needs. CIS makes no representations, warranties, or covenants whatsoever as to (i) the positive or negative effect of the Products or the Recommendations on the operation or the security of any particular network, computer system, network device, software, hardware, or any component of any of the foregoing or (ii) the accuracy, reliability, timeliness, or completeness of the Products or the Recommendations. CIS is providing the Products and the Recommendations as is and as available without representations, warranties, or covenants of any kind.
Product Support:
http://www.redhat.com
Point of Contact:
cis-feedback@cisecurity.org
Sponsor:
Not provided.
Licensing:
Not provided.
Change History:
Dependency/Requirements:
| URL | Description |
|---|
References:
| Reference URL | Description |
|---|