Title

A third party firewall is configured on ESX Server. (Cat II impact)

Discussion

Third party software and services should not be installed in the service console. The service console is not intended to support the operation of additional software or services beyond what is included in the default ESX installation. VMware does not support the addition of third party applications that have not been explicitly approved.

Check Content

Ask the IAO/SA if any third party firewalls are installed on the ESX Server service console. If the answer is yes, inquire as to what is installed. If it is anything other than IPtables, this is a finding.

Fix Text

Remove third party firewalls from the ESX Server service console.

Additional Identifiers

Rule ID: SV-16764r1_rule

Vulnerability ID: V-15825

Group Title: A 3rd party firewall is configured on ESX Server.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.