Nutanix AOS must disable Remote Support Sessions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254098 | NUTX-AP-000020 | SV-254098r846382_rule | Medium |
| Description |
|---|
| Application servers provide remote access capability and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. Automated monitoring and control of remote access sessions allows organizations to detect cyberattacks and also ensure ongoing compliance with remote access policies by logging connection activities of remote users. Examples of policy requirements include, but are not limited to, authorizing remote access to the information system, limiting access based on authentication credentials, and monitoring for unauthorized access. |
| STIG | Date |
|---|---|
| Nutanix AOS 5.20.x Application Security Technical Implementation Guide | 2022-08-24 |
Details
| Check Text ( C-57583r846380_chk ) |
|---|
| Confirm Nutanix AOS Prism Elements is configured to manage remote access. 1. Log in to Prism Element. 2. Click on the gear icon in the upper right. 3. Navigate to the Remote Support section to verify the ability to disable remote sessions, and that it is checked. If Disable Remote Sessions is not available, or is not checked, this is a finding. |
| Fix Text (F-57534r846381_fix) |
|---|
| Configure Nutanix AOS Prism Elements to disable Remote Sessions. If the ability to disable Remote Sessions is not available there is corruption within the CVM. A rebuild is necessary to clear out the corruption and get the CVM back to a positive state. Rebuild the CVM by booting from ISO. |