Check: ESX0780
VMware ESX 3 Policy:
ESX0780
(in version v1 r2)
Title
VirtualCenter Server groups are not reviewed monthly (Cat II impact)
Discussion
Reviewing the VirtualCenter groups will ensure that no unauthorized users have been granted access to objects.
Check Content
Ask the IAO/SA how often the following groups are reviewed on the VirtualCenter Server: Windows Administrators group, Database Administrators, Virtual Machine Administrators, Resource Pool Administrators, ESX Administrators, Virtual Machine Power Users, and All Custom Roles. If these groups are not reviewed at least monthly, this is a finding.
Fix Text
Review the VirtualCenter groups monthly.
Additional Identifiers
Rule ID: SV-16818r1_rule
Vulnerability ID: V-15877
Group Title: VirtualCenter Server groups are not reviewed
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |