STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware Automation 7.x Application Security Technical Implementation Guide

Version

V1R2

Benchmark ID

VMW_vRealize_Automation_7-x_Application_STIG

Total Checks

8

Tags

applicationvmware
CAT I: 2CAT II: 6CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (8)

V-239845HIGHvRA must enable FIPS Mode.V-239846MEDIUMThe vRealize Automation application must be configured to a 15 minute of less session timeout.V-239847MEDIUMThe vRealize Automation server must be configured to perform complete application deployments.V-239848MEDIUMThe vRealize Automation security file must be restricted to the vcac user.V-239849MEDIUMThe application server must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.V-239850MEDIUMThe application server must use DoD- or CNSS-approved PKI Class 3 or Class 4 certificates.V-239851MEDIUMThe vRealize Automation appliance must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.V-258450HIGHThe version of vRealize Automation application running on the system must be a supported version.