From VMware NSX Manager Security Technical Implementation Guide
Part of SRG-APP-000023-NDM-000205
Associated with: CCI-000015
Account management functions include: assignment of group or role membership; identifying account type; specifying user access authorizations and privilege levels. NSX Manager must be configured to automatically provide account management functions, and these functions must immediately enforce the organization's current account policy. All accounts used for access to the NSX components are privileged or system-level accounts. Therefore, if account management functions are not automatically enforced, an attacker could gain privileged access to a vital element of the network security architecture.
Verify the Windows server hosting vCenter is joined to the domain and access to the server and vCenter is done using Active Directory accounts. If the vCenter server is not joined to an Active Directory domain, this is a finding. If Active Directory-based accounts are not used for daily operations of the vCenter server, this is a finding. If Active Directory is not used in the environment, this is not applicable.
If the server hosting vCenter is not joined to the domain, follow the OS-specific procedures to join it to Active Directory. If local accounts are used for normal operations, Active Directory accounts should be created and used.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer