The vAMI installation procedures must be capable of being rolled back to a last known good configuration.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-240936	VRAU-VA-000180	SV-240936r879586_rule		Medium

Description
Any changes to the components of the application server can have significant effects on the overall security of the system. In order to ensure a prompt response to failed application installations and application server upgrades, the application server must provide an automated rollback capability that allows the system to be restored to a previous known good configuration state prior to the application installation or application server upgrade.

Description

Any changes to the components of the application server can have significant effects on the overall security of the system. In order to ensure a prompt response to failed application installations and application server upgrades, the application server must provide an automated rollback capability that allows the system to be restored to a previous known good configuration state prior to the application installation or application server upgrade.

STIG	Date
VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide	2023-09-12

Details

Check Text ( C-44169r675973_chk )
Interview the ISSO and/or the SA. Determine if there is a local procedure to revert to the last known good configuration in the event of failed installations and upgrades. If a procedure does not exist or is not being followed, this is a finding.

Fix Text (F-44128r675974_fix)
Develop and implement a site procedure to revert to the last known good configuration in the event of failed installations and upgrades.