VMware NSX-T SDN Controller Security Technical Implementation Guide
Overview
| Version | Date | Finding Count (2) | Downloads | ||
| 1 | 2022-03-09 | CAT I (High): 0 | CAT II (Medium): 2 | CAT III (Low): 0 | |
| STIG Description |
| This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. |
Findings - MAC II - Mission Support Sensitive
| Finding ID | Severity | Title | Description |
|---|---|---|---|
| V-251734 | The NSX-T Controller must be configured as a cluster in active/active mode to preserve any information necessary to determine cause of a system failure and to maintain network operations with least disruption to workload processes and flows. | Failure in a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state help... | |
| V-251735 | The NSX-T Controller cluster must be on separate physical hosts. | SDN relies heavily on control messages between a controller and the forwarding devices for network convergence. The controller uses node and link stat... |