VxRail: Security Technical Implementation Guide on VxRail
Summary: Dell VxRail Security Technical Implementation Guide (STIG) on VxRail.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
VxRail STIG Hardening Package version 3.0.202 is now available for download for supported builds.
The VxRail STIG Hardening Package contains scripts and manual procedures which enable VxRail customers to harden their VxRail in compliance with relevant Department of Defense (DoD) Security Technical Implementation Guidelines (STIG) requirements.
Updates:
- Resolved blocked menu issue in external vCenter systems, enabling hardening of VxRail components.
NOTE: For customers upgrading from 7.x to 8.x, it is recommended that the STIG Hardening Package version 3.0.000 is applied prior to upgrading and then applied again after the upgrade. This will ensure that drift has not occurred.
VxRail Support:
- VxRail STIG Hardening Package v3.0.202 will be the final build supporting VxRail 7.0.x. VxRail validated security patches on 7.0.x will be supported with reasonable effort retroactively on v3.0.202.
The VxRail STIG Hardening Package supports standard VxRail deployments including:
- Internal and external DNS (starting with 2.3.000)
- 2-node clusters with VMware vSAN (starting with 2.4.000)
- Stretched cluster with VMware vSAN with virtual witness node (starting with 2.4.000)
VxRail STIG Hardening Package does not support:
- Customer-managed or External VMware vCenter Server
- VxRail stretched cluster with a physical witness node.
- VxRail satellite nodes
- VxRail 2-node vSAN based on VxRail VD Series (ruggedized) nodes.
- VxRail STIG hardening for resource management software operated alongside VxRail, including:
- VCF
- VMware NSX
- SDDC Manager
Users can implement the STIG Hardening Package in one of two ways:
- Dell Deployment Services installation of the STIG Hardening Package (see CAUTION below)
- If you prefer the VxRail STIG Hardening Package to be installed as a service, contact your Dell Technologies sales team representative for a custom deployment services quote.
Self-installation of the STIG Hardening Package (see CAUTION below)
- The VxRail STIG Hardening Package and documentation are available for download from the following links. Login to a support account is required to access:
- The downloadable STIG Hardening Package is for self-installation only. The Support Services team is not authorized to provide instructional information about STIG Hardening. After reviewing the STIG Hardening Package documentation, if you are uncertain about the execution methods, we recommend contacting your Dell Technologies sales team representative for a custom deployment services quote.
Caution: The user assumes all risks that are associated with hardening the VxRail environment when choosing to install the VxRail STIG Hardening Package. Dell Technologies assumes no responsibility and shall not be liable for system failures or loss of data due to VxRail STIG Hardening Package execution in the user's environment. Performing the VxRail STIG Hardening procedures incorrectly and without a backout plan may put the VxRail environment at risk of having to perform a factory reset. This could ultimately result in data loss.
Affected Products
VxRail, VxRail Appliance Series, VxRail SoftwareArticle Properties
Article Number: 000023137
Article Type: How To
Last Modified: 18 Nov 2025
Version: 45
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.