Check: HRZV-7X-000008
VMware Horizon 7.13 Connection Server STIG:
HRZV-7X-000008
(in versions v1 r2 through v1 r1)
Title
The Horizon Connection Server must be configured with an events database. (Cat II impact)
Discussion
The Horizon Connection Server stores application level events and actions in a dedicated database versus log files. This makes day-to-day administration easier while offloading these events to a separate system for resiliency. An events database is configured after Connection Server deployment. It need only be done once, in the case of multiple grouped Connection Servers, as the configuration will be applied to the other servers automatically. Satisfies: SRG-APP-000089-AS-000050, SRG-APP-000091-AS-000052, SRG-APP-000095-AS-000056, SRG-APP-000096-AS-000059, SRG-APP-000097-AS-000060, SRG-APP-000098-AS-000061, SRG-APP-000099-AS-000062, SRG-APP-000100-AS-000063, SRG-APP-000101-AS-000072, SRG-APP-000266-AS-000168, SRG-APP-000380-AS-000088, SRG-APP-000495-AS-000220, SRG-APP-000499-AS-000224, SRG-APP-000503-AS-000228, SRG-APP-000504-AS-000229, SRG-APP-000505-AS-000230, SRG-APP-000509-AS-000234
Check Content
Log in to the Horizon 7 Console. From the left pane, navigate to Monitor >> Events. If the right pane is empty or shows "Events DB is not configured.", this is a finding.
Fix Text
Log in to the Horizon 7 Console. From the left pane, navigate to Settings >> Event Configuration. In the right pane, under "Event Database", click "Edit". Enter the necessary database information in the fields provided. Click "OK". Note: Horizon Connection Server support MSSQL and Oracle database types. Create a database with an appropriate, descriptive name. Create a user with permission to create tables, views, Oracle triggers and sequences (if Oracle) and permission to read from and write to these objects. Consult VMware documentation for more detailed database setup information and minimum required privileges.
Additional Identifiers
Rule ID: SV-246889r879559_rule
Vulnerability ID: V-246889
Group Title: SRG-APP-000089-AS-000050
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000169 |
Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2 a on organization-defined information system components. |
Controls
Number | Title |
---|---|
AU-12 |
Audit Generation |