STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation Guide

Version

V1R1

Release Date

Feb 21, 2023

SCAP Benchmark ID

VMW_vSphere_7-0_vCA_Perfcharts_STIG

Total Checks

34

Tags

vmware
CAT I: 0CAT II: 34CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (34)

V-256611MEDIUMPerformance Charts must limit the amount of time that each Transport Control Protocol (TCP) connection is kept alive.V-256612MEDIUMPerformance Charts must limit the number of concurrent connections permitted.V-256613MEDIUMPerformance Charts must limit the maximum size of a POST request.V-256614MEDIUMPerformance Charts must protect cookies from cross-site scripting (XSS).V-256615MEDIUMPerformance Charts must record user access in a format that enables monitoring of remote access.V-256616MEDIUMPerformance Charts must generate log records for system startup and shutdown.V-256617MEDIUMPerformance Charts log files must only be modifiable by privileged users.V-256618MEDIUMPerformance Charts application files must be verified for their integrity.V-256619MEDIUMPerformance Charts must only run one webapp.V-256620MEDIUMPerformance Charts must not be configured with unsupported realms.V-256621MEDIUMPerformance Charts must be configured to limit access to internal packages.V-256622MEDIUMPerformance Charts must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.V-256623MEDIUMPerformance Charts must have mappings set for Java servlet pages.V-256624MEDIUMPerformance Charts must not have the Web Distributed Authoring (WebDAV) servlet installed.V-256625MEDIUMPerformance Charts must be configured with memory leak protection.V-256626MEDIUMPerformance Charts must not have any symbolic links in the web content directory tree.V-256627MEDIUMPerformance Charts directory tree must have permissions in an out-of-the-box state.V-256628MEDIUMPerformance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.V-256629MEDIUMPerformance Charts must limit the number of allowed connections.V-256630MEDIUMPerformance Charts must set "URIEncoding" to UTF-8.V-256631MEDIUMPerformance Charts must use the "setCharacterEncodingFilter" filter.V-256632MEDIUMPerformance Charts must set the welcome-file node to a default web page.V-256633MEDIUMPerformance Charts must not show directory listings.V-256634MEDIUMPerformance Charts must be configured to show error pages with minimal information.V-256635MEDIUMPerformance Charts must be configured to not show error reports.V-256636MEDIUMPerformance Charts must hide the server version.V-256637MEDIUMPerformance Charts must not enable support for TRACE requests.V-256638MEDIUMPerformance Charts must have the debug option turned off.V-256639MEDIUMPerformance Charts must properly configure log sizes and rotation.V-256640MEDIUMRsyslog must be configured to monitor and ship Performance Charts log files.V-256641MEDIUMPerformance Charts must be configured with the appropriate ports.V-256642MEDIUMPerformance Charts must disable the shutdown port.V-256643MEDIUMPerformance Charts must set the secure flag for cookies.V-256644MEDIUMPerformance Charts default servlet must be set to "readonly".