STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Nutanix Acropolis Application Server Security Technical Implementation Guide

V-279441

CAT II (Medium)

Nutanix VMM must terminate UI network connections associated with a communications session at the end of the session for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.

Rule ID

SV-279441r1191109_rule

STIG

Nutanix Acropolis Application Server Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002007

Discussion

When the application server is using PKI authentication, a local revocation cache must be stored for instances when the revocation cannot be authenticated through the network. If cached authentication information is out of date, the validity of the authentication information may be questionable.

Check Content

Confirm the Nutanix AOS session timeout settings are set to 10 minutes.

1. Log in to Prism Element.
2. Click the gear icon in the upper-right corner.
3. Navigate to "UI Settings" in the left navigation pane.

For each user type, verify the session timeout is set correctly. If not, this is a finding.

Fix Text

Configure the Nutanix AOS session timeout settings to 10 minutes.

1. Log in to Prism Element.
2. Click the gear icon in the upper-right corner.
3. Navigate to "UI Settings" in the left navigation pane. 
4. Set the session timeout settings to 10 minutes per user type.