Virtual machines used for application development and testing must not share the same physical host with DoD operational virtual machines.

From Test and Development Zone C Security Technical Implementation Guide

Part of ENTD0330 - Operational along with test and developments VMs share same host.

Associated with IA controls: ECSC-1

SV-51539r1_rule Virtual machines used for application development and testing must not share the same physical host with DoD operational virtual machines.

Vulnerability discussion

Attacks on virtual machines from other VMs through denial of service and other attacks potentially stealing sensitive data such as source code used in application development. It is imperative to keep DoD operational virtual machines on physically separate platforms from test and development virtual machines.

Check content

Review the system plan to determine whether physical hosts are sharing DoD operational and test and development virtual machines.

Fix text

Engineer a solution to use separate physical hosts for DoD operational and T&D virtual machines.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer