UCF STIG Viewer Logo

VMware vSphere 6.7 RhttpProxy Security Technical Implementation Guide


Overview

Date Finding Count (9)
2021-03-19 CAT I (High): 0 CAT II (Med): 9 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-240717 Medium The rhttpproxy must set a limit on established connections.
V-240716 Medium The rhttpproxy must drop connections to disconnected clients.
V-240719 Medium The rhttpproxy must use cryptography to protect the integrity of remote sessions.
V-240718 Medium The rhttpproxy must be configured to operate solely with FIPS ciphers.
V-240722 Medium The rhttpproxy private key file must be protected from unauthorized access.
V-240723 Medium The rhttproxy must exclusively use the HTTPS protocol for client connections.
V-240724 Medium The rhttpproxy log files must be moved to a permanent repository in accordance with site policy.
V-240720 Medium The rhttpproxy must produce log records containing sufficient information to establish the source of events.
V-240721 Medium The rhttpproxy must have logging enabled.