The following topic describes the control set for VMware Cloud Director. The version of VMware Cloud Directory management pack which is supported is 8.14.

Control Set for VMware Cloud Director

  • Disable Alpha Feature sets
  • Logging enabled
  • Expired and untrusted certificates must be removed from Cloud Director.
  • Cloud Director must automatically terminate an idle user session after 15 minutes.
  • vCloud Organizations must enable at least one Identify Provider (SAML / OAuth) authentication enabled for all orgs.
  • Cloud Director must enable account lockout for unsuccessful login attempts.
  • Cloud Director must enable hostname certificate verification for vCenter connections.
  • Cloud Director must enable SSL for AMQP connections.
  • Cloud Director must enable FIPS mode for NSX Edge Gateways.
  • VMware Cloud Director must enable FIPs mode.
  • Cloud Director Organizations must have Account Lockout Enabled.
  • The Customer Experience Improvement Program (CEIP) is enabled for VMware Cloud Director.
Note: The Customer Experience Improvement Program (CEIP) should be disabled in VMware Cloud Director in a Sovereign Cloud Environment. To disable the CEIP status, see the topic, Join or Leave the VMware Customer Experience Improvement Program in the VMware Cloud Director Service Provider Admin Guide documentation.