STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware NSX Manager Security Technical Implementation Guide

V-69209

CAT II (Medium)

The NSX Manager must off-load audit records onto a different system or media than the system being audited.

Rule ID

SV-83813r1_rule

STIG

VMware NSX Manager Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-001851

Discussion

Information stored in one location is vulnerable to accidental or incidental deletion or alteration. Off-loading is a common process in information systems with limited audit storage capacity.

Check Content

Verify NSX Manager audit records are off-loaded to a different system.
 
Log on to NSX Manager with credentials authorized for administration, navigate and select Manage Appliance Settings >> Syslog Server >> Edit. 

Enter name or IP of the Syslog Server, Port, and Protocol.

If audit records are not configured and are not off-loaded to a different system, this is a finding.

Note: TCP is the preferred protocol configuration to protect against network outages and queues logs locally until network connection is restored to a centralized server.

Fix Text

Change the logs in NSX Manager to send to a centralized server for use as part of the organization's security incident tracking and analysis.
 
Log on to NSX Manager with credentials authorized for administration, navigate and select Manage Appliance Settings >> Syslog Server >> Edit.

Enter name or IP of the Syslog Server, Port, and Protocol.