
STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.


Nutanix AOS 5.20.x Application Security Technical Implementation Guide

Version: V1R2
Benchmark ID: Nutanix_AOS_5-20-x_Application_STIG
Total Checks: 23
Tags: application
CAT I: 6, CAT II: 15, CAT III: 2

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Checks (23)

  • V-254097 (MEDIUM): Nutanix AOS must automatically terminate a user session after 15 minutes of inactivity.
  • V-254098 (MEDIUM): Nutanix AOS must disable Remote Support Sessions.
  • V-254099 (HIGH): Nutanix AOS must implement cryptography mechanisms to protect the confidentiality and integrity of the remote access session.
  • V-254100 (MEDIUM): Nutanix AOS role mapping must be configured to the lowest privilege level needed for user access.
  • V-254101 (MEDIUM): Nutanix AOS must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
  • V-254102 (LOW): Nutanix AOS must display the standard Mandatory DoD Notice and Consent Banner before granting access to the system.
  • V-254103 (MEDIUM): Nutanix AOS must offload log records onto a syslog server.
  • V-254104 (MEDIUM): Nutanix AOS must provide an immediate warning to the SA and ISSO, at a minimum, when allocated log record storage volume reaches 75 percent of maximum log record storage capacity.
  • V-254105 (MEDIUM): Nutanix AOS must be configured to send Cluster Check alerts to the SA and ISSO.
  • V-254106 (LOW): Nutanix AOS must be configured to synchronize internal information system clocks using redundant authoritative time sources.
  • V-254107 (MEDIUM): Nutanix AOS must protect log information from any type of unauthorized access.
  • V-254108 (MEDIUM): Nutanix AOS must enforce access restrictions associated with changes to application server configuration.
  • V-254109 (MEDIUM): Nutanix AOS must use an enterprise user management system to uniquely identify and authenticate users.
  • V-254110 (MEDIUM): Nutanix AOS must use multifactor authentication for account access.
  • V-254111 (MEDIUM): Nutanix AOS must accept Personal Identity Verification (PIV) credentials to access the management interface.
  • V-254112 (HIGH): Nutanix AOS must utilize encryption when using LDAP for authentication.
  • V-254113 (HIGH): Nutanix AOS must perform RFC 5280-compliant certification path validation.
  • V-254114 (HIGH): Nutanix AOS must use DoD- or CNSS-approved PKI Class 3 or Class 4 certificates.
  • V-254115 (HIGH): Nutanix AOS must protect the confidentiality and integrity of all information at rest.
  • V-254116 (MEDIUM): Nutanix AOS must restrict error messages only to authorized users.
  • V-254117 (MEDIUM): Nutanix AOS must separate hosted application functionality from application server management functionality.
  • V-254118 (MEDIUM): Nutanix AOS must configure network traffic segmentation when using Disaster Recovery Services.
  • V-254119 (HIGH): Nutanix AOS must be running an operating system release that is currently supported by the vendor.