The VMM must automatically terminate a user session after inactivity timeouts have expired or at shutdown.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-207432	SRG-OS-000279-VMM-001010	SV-207432r854607_rule		Medium

Description
Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses a VMM. Such user sessions can be terminated (and thus terminate user access) without terminating network sessions. Session termination terminates all processes associated with a user's logical session except those processes that are specifically created by the user (i.e., session owner) to continue after the session is terminated.

Description

Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i.e., network disconnect). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses a VMM. Such user sessions can be terminated (and thus terminate user access) without terminating network sessions. Session termination terminates all processes associated with a user's logical session except those processes that are specifically created by the user (i.e., session owner) to continue after the session is terminated.

STIG	Date
Virtual Machine Manager Security Requirements Guide	2023-09-12

Details

Check Text ( C-7689r365706_chk )
Verify the VMM automatically terminates a user session after inactivity timeouts have expired or at shutdown. If it does not, this is a finding.

Fix Text (F-7689r365707_fix)
Configure the VMM to automatically terminate a user session after inactivity timeouts have expired or at shutdown.