The NSX Manager must enforce access restrictions associated with changes to the system components.

From VMware NSX Manager Security Technical Implementation Guide

Part of SRG-APP-000516-NDM-000335

Associated with: CCI-000345 CCI-000366

SV-83815r1_rule The NSX Manager must enforce access restrictions associated with changes to the system components.

Vulnerability discussion

Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals must be allowed administrative access to the network device for implementing any changes or upgrades. This requirement applies to updates of the application files, configuration, ACLs, and policy filters.

Check content

Verify the built-in SSO administrator account is only used for emergencies and situations where it is the only option due to permissions. If the built-in SSO administrator account is used for daily operations or there is no policy restricting its use, this is a finding.

Fix text

Develop a policy to limit the use of the built-in SSO administrator account.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer