Please provide your feedback in this short Flings' survey.
Mar 21, 2016

Does this VIB enforce Lock Down Mode, or disable SSH? How Nutanix friendly is this VIB?

Mar 21, 2016

Gabe,

It does not change lockdown mode or the status of the SSH service. Depending on which VIB you install it will disable root SSH access.

I don't know if anyone is using it with Nutanix and I haven't received any feedback so I can't comment there.

Ryan

Feb 23, 2016

This is not a full solution. It only implements part of the STIG process and therefore still requires a script to be run on a host-by-host basis. If they were serious about supporting a huge customer in the DoD they would release the full STIG process via a VIB and make it signed at partner or above. Afterall, it clearly states in the STIG Guide that it's a CAT 1 finding if it's a community signed VIB.

Until this happens, this is really of no use.

The alternative would be to make an authoring software readily available for multiple platforms which allows the DoD signature and then DISA changes the STIG requirements.

Feb 23, 2016

Phil I am in touch with your TAM and we will reach out to see what we can do to assist.

Jun 07, 2016

Did you happen to find a way to assist? As mentioned, having a community signed VIB wont fly. Not trying to sound ungrateful, but it really would be helpful if you worked with DISA and released a process/script that would remediate the majority of the STIG requirements.

Jun 07, 2016

Kevin we did have a discussion mostly around the intent and pain points this fling is meant to alleviate. The VIB in this fling is NOT created at a community supported acceptance level but is at VMware certified which is not against the STIG finding.

We did include PowerCLI commands in the vSphere 6 STIG where we could to help with that but not everything is scriptable and no customer implements the STIG the same so there's no one size fits all solution that will work for everyone.

Feb 01, 2016

Where did you guys get the list of STIGS for Esxi 6 referenced in the Overview/Installation document? I haven't been able to find documentation for them yet.

Feb 01, 2016
Feb 01, 2016

Thanks Ryan - that's what I have been looking for.

Jan 29, 2016

Thanks so much for putting this together Ryan. This is exactly what we need as well. Unfortunately as I read the Fling License terms this vib cannot be used in a production environment. Is there a way we can fast track getting some more friendly license terms?

Jan 29, 2016
Jan 29, 2016

Thanks Ryan, yes I did see the blog post too. Maybe we'll pursue the license issue through one of our programs (TAP, PVSP, IOVP, etc.). You and I as engineers understand but our legal teams live and die by the words in the license :(

Don