VMware Cloud Community
stanj
Enthusiast
Enthusiast
‎10-02-2009 12:05 PM

vSphere STIG and DoD Discussion

I started the new thread so that others can contribute. Hopefully, we can use this thread to advise interested users when the vSphere STIG will be in draft or and final mode.:^0 I have been following the thread about the ESX script to pass DISA Security Review which provided good info for ESX 3.5. We may be installing vSphere 4.0 in the upcoming months in a DoD facility and will be required to use a DIACAP process to receive an ATO to allow the systems to be connected to a classified network. I am interested in the process that our DAA will need to investigate. I am assuming the ESX Stig will be a starting point as we start down the path for receiving our ATO?

0 Kudos
20 Replies
Texiwill
Leadership
Leadership
‎11-11-2010 01:30 PM

Hello,

There are no STIGS for VMware vSphere in any incarnation at this time.

The ESX 3.5 STIG however does apply, but is not 100% anymore.


Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, 2010

Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]

Also available 'VMWare ESX Server in the Enterprise'[/url]

Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]

Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos