STIGs Search Compare About

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
Compare Versions

Resources

About
VPAT
DISA STIG Library

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

VMware NSX 4.x Distributed Firewall Security Technical Implementation Guide

Version

V1R2

Benchmark ID

VMW_NSX_4-x_Distributed_FW_STIG

Total Checks

6

Tags

networkvmware

CAT I: 1CAT II: 4CAT III: 1

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON

Checks (6)

V-265612LOWThe NSX Distributed Firewall must generate traffic log entries that can be sent by the ESXi hosts to the central syslog.V-265618MEDIUMThe NSX Distributed Firewall must limit the effects of packet flooding types of denial-of-service (DoS) attacks.V-265619MEDIUMThe NSX Distributed Firewall must deny network communications traffic by default and allow network communications traffic by exception.V-265628MEDIUMThe NSX Distributed Firewall must be configured to inspect traffic at the application layer.V-265630MEDIUMThe NSX Distributed Firewall must configure SpoofGuard to restrict it from accepting outbound packets that contain an illegitimate address in the source address.V-265633HIGHThe NSX Distributed Firewall must configure an IP Discovery profile to disable trust on every use method.