STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware vSphere 7.0 Virtual Machine Security Technical Implementation Guide

Version

V1R4

Release Date

Dec 16, 2024

SCAP Benchmark ID

VMW_vSphere_7-0_Virtual_Machine_STIG

Total Checks

28

Tags

vmware
CAT I: 0CAT II: 19CAT III: 9

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (28)

V-256450LOWCopy operations must be disabled on the virtual machine (VM).V-256451LOWDrag and drop operations must be disabled on the virtual machine (VM).V-256452LOWPaste operations must be disabled on the virtual machine (VM).V-256453MEDIUMVirtual disk shrinking must be disabled on the virtual machine (VM).V-256454MEDIUMVirtual disk wiping must be disabled on the virtual machine (VM).V-256455MEDIUMIndependent, nonpersistent disks must not be used on the virtual machine (VM).V-256456MEDIUMHost Guest File System (HGFS) file transfers must be disabled on the virtual machine (VM).V-256457MEDIUMUnauthorized floppy devices must be disconnected on the virtual machine (VM).V-256458LOWUnauthorized CD/DVD devices must be disconnected on the virtual machine (VM).V-256459MEDIUMUnauthorized parallel devices must be disconnected on the virtual machine (VM).V-256460MEDIUMUnauthorized serial devices must be disconnected on the virtual machine (VM).V-256461MEDIUMUnauthorized USB devices must be disconnected on the virtual machine (VM).V-256462MEDIUMConsole connection sharing must be limited on the virtual machine (VM).V-256463LOWInformational messages from the virtual machine to the VMX file must be limited on the virtual machine (VM).V-256464MEDIUMUnauthorized removal, connection, and modification of devices must be prevented on the virtual machine (VM).V-256465MEDIUMThe virtual machine (VM) must not be able to obtain host information from the hypervisor.V-256466LOWShared salt values must be disabled on the virtual machine (VM).V-256467LOWAccess to virtual machines (VMs) through the "dvfilter" network Application Programming Interface (API) must be controlled.V-256468LOWSystem administrators must use templates to deploy virtual machines (VMs) whenever possible.V-256469MEDIUMUse of the virtual machine (VM) console must be minimized.V-256470MEDIUMThe virtual machine (VM) guest operating system must be locked when the last console connection is closed.V-256471LOWAll 3D features on the virtual machine (VM) must be disabled when not required.V-256472MEDIUMEncryption must be enabled for vMotion on the virtual machine (VM).V-256473MEDIUMLogging must be enabled on the virtual machine (VM).V-256474MEDIUMLog size must be configured properly on the virtual machine (VM).V-256475MEDIUMLog retention must be configured properly on the virtual machine (VM).V-256476MEDIUMDirectPath I/O must be disabled on the virtual machine (VM) when not required.V-256477MEDIUMEncryption must be enabled for Fault Tolerance on the virtual machine (VM).