Nutanix Acropolis Application Server Security Technical Implementation Guide

Version: V1R1

Benchmark ID: NTNX_Acropolis_AS_STIG

Total Checks: 31

Tags: application

CAT I: 2, CAT II: 29, CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Checks (31)

  • V-279415 (MEDIUM): Nutanix AOS must limit the number of concurrent sessions to 10 for all accounts and/or account types.
  • V-279416 (MEDIUM): Nutanix AOS must automatically terminate a user session after a maximum of 15 minutes for nonprivileged users.
  • V-279418 (MEDIUM): Nutanix AOS must have TLS enabled.
  • V-279421 (MEDIUM): Nutanix AOS must configure role mapping.
  • V-279422 (MEDIUM): Nutanix AOS server management interface must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.
  • V-279423 (MEDIUM): Nutanix AOS must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by nonrepudiation.
  • V-279424 (MEDIUM): Nutanix AOS must off-load log records onto a different system or media from the system being logged.
  • V-279425 (MEDIUM): Nutanix Cluster Check (NCC) must be configured to provide alerts to the system administrator (SA) and information system security officer (ISSO), immediately when audit storage reaches 75 percent capacity.
  • V-279426 (MEDIUM): Nutanix AOS must use internal system clocks to generate time stamps for log records.
  • V-279427 (MEDIUM): Nutanix AOS must be configured to protect the application server log files from unauthorized access.
  • V-279430 (MEDIUM): Nutanix AOS must configure the Nutanix Cluster Check (NCC) to alert the information system security officer (ISSO)/information system security manager (ISSM) or designated personnel, at a minimum.
  • V-279431 (MEDIUM): Nutanix AOS must enforce access restrictions associated with changes to configuration and software libraries.
  • V-279433 (MEDIUM): Nutanix AOS must use an enterprise user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users).
  • V-279434 (HIGH): Nutanix AOS must use multifactor authentication for access to privileged and nonprivileged accounts by enabling common access card (CAC) authentication.
  • V-279435 (HIGH): Nutanix AOS must use multifactor authentication for local access to privileged accounts.
  • V-279438 (MEDIUM): Nutanix AOS must authenticate users individually prior to using a group authenticator.
  • V-279439 (MEDIUM): Nutanix AOS must use multifactor authentication (MFA) for access to privileged and nonprivileged accounts by enabling client authentication.
  • V-279440 (MEDIUM): Nutanix AOS must use encryption when using LDAP for authentication.
  • V-279441 (MEDIUM): Nutanix VMM must terminate UI network connections associated with a communications session at the end of the session for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity.
  • V-279442 (MEDIUM): Nutanix AOS must perform RFC 5280-compliant certification path validation.
  • V-279443 (MEDIUM): Nutanix AOS must accept Federal Identity, Credential, and Access Management (FICAM)-approved third-party credentials.
  • V-279444 (MEDIUM): Nutanix AOS must conform to Federal Identity, Credential, and Access Management (FICAM)-issued profiles.
  • V-279445 (MEDIUM): Nutanix AOS must be configured to use DOD PKI-issued certificates.
  • V-279446 (MEDIUM): Nutanix AOS must protect the confidentiality and integrity of all information at rest.
  • V-279447 (MEDIUM): Nutanix AOS must employ cryptographic mechanisms to ensure confidentiality and integrity of all information at rest when stored offline.
  • V-279448 (MEDIUM): Nutanix AOS must implement cryptographic mechanisms to prevent unauthorized access to data at rest.
  • V-279450 (MEDIUM): Nutanix AOS must configure Network Time Protocol (NTP).
  • V-279451 (MEDIUM): Nutanix AOS must restrict error messages only to authorized users.
  • V-279464 (MEDIUM): Nutanix UI must initiate session logging upon startup.
  • V-279486 (MEDIUM): Nutanix VMM must separate user functionality (including user interface services) from VMM management functionality.
  • V-279526 (MEDIUM): All guest VM network communications must be implemented using virtual network devices provisioned and serviced by the VMM.