STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware vSphere 8.0 vCenter Appliance ESX Agent Manager (EAM) Security Technical Implementation Guide

Version

V2R2

Release Date

Dec 16, 2024

SCAP Benchmark ID

VMW_vSphere_8-0_VCSA_EAM_STIG

Total Checks

34

Tags

vmware
CAT I: 0CAT II: 34CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (34)

V-259003MEDIUMThe vCenter ESX Agent Manager service must limit the number of maximum concurrent connections permitted.V-259004MEDIUMThe vCenter ESX Agent Manager service cookies must have secure flag set.V-259005MEDIUMThe vCenter ESX Agent Manager service must initiate session logging upon startup.V-259006MEDIUMThe vCenter ESX Agent Manager service must produce log records containing sufficient information regarding event details.V-259007MEDIUMThe vCenter ESX Agent Manager service logs folder permissions must be set correctly.V-259008MEDIUMThe vCenter ESX Agent Manager service must limit privileges for creating or modifying hosted application shared files.V-259009MEDIUMThe vCenter ESX Agent Manager service must disable stack tracing.V-259010MEDIUMThe vCenter ESX Agent Manager service must be configured to use a specified IP address and port.V-259011MEDIUMThe vCenter ESX Agent Manager service must be configured to limit data exposure between applications.V-259012MEDIUMThe vCenter ESX Agent Manager service must be configured to fail to a known safe state if system initialization fails.V-259013MEDIUMThe vCenter ESX Agent Manager service must set URIEncoding to UTF-8.V-259014MEDIUMThe vCenter ESX Agent Manager service "ErrorReportValve showServerInfo" must be set to "false".V-259015MEDIUMThe vCenter ESX Agent Manager service must set an inactive timeout for sessions.V-259016MEDIUMThe vCenter ESX Agent Manager service must offload log records onto a different system or media from the system being logged.V-259017MEDIUMThe vCenter ESX Agent Manager service must enable STRICT_SERVLET_COMPLIANCE.V-259018MEDIUMThe vCenter ESX Agent Manager service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive.V-259019MEDIUMThe vCenter ESX Agent Manager service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive.V-259020MEDIUMThe vCenter ESX Agent Manager service must configure the "setCharacterEncodingFilter" filter.V-259021MEDIUMThe vCenter ESX Agent Manager service cookies must have the "http-only" flag set.V-259022MEDIUMThe vCenter ESX Agent Manager service DefaultServlet must be set to "readonly" for "PUT" and "DELETE" commands.V-259023MEDIUMThe vCenter ESX Agent Manager service shutdown port must be disabled.V-259024MEDIUMThe vCenter ESX Agent Manager service debug parameter must be disabled.V-259025MEDIUMThe vCenter ESX Agent Manager service directory listings parameter must be disabled.V-259026MEDIUMThe vCenter ESX Agent Manager service deployXML attribute must be disabled.V-259027MEDIUMThe vCenter ESX Agent Manager service must have Autodeploy disabled.V-259028MEDIUMThe vCenter ESX Agent Manager service xpoweredBy attribute must be disabled.V-259029MEDIUMThe vCenter ESX Agent Manager service example applications must be removed.V-259030MEDIUMThe vCenter ESX Agent Manager service default ROOT web application must be removed.V-259031MEDIUMThe vCenter ESX Agent Manager service default documentation must be removed.V-259032MEDIUMThe vCenter ESX Agent Manager service files must have permissions in an out-of-the-box state.V-259033MEDIUMThe vCenter ESX Agent Manager service must disable "ALLOW_BACKSLASH".V-259034MEDIUMThe vCenter ESX Agent Manager service must enable "ENFORCE_ENCODING_IN_GET_WRITER".V-259035MEDIUMThe vCenter ESX Agent Manager service manager webapp must be removed.V-259036MEDIUMThe vCenter ESX Agent Manager service host-manager webapp must be removed.