Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Dell VxRail: Security Technical Implementation Guide on VxRail

Summary: Dell VxRail Security Technical Implementation Guide (STIG) on VxRail.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content


VxRail STIG Hardening Package version 2.3.000 is now available for download for supported builds.  See the Support Matrix for details.

The VxRail STIG Hardening Package contains scripts and manual procedures which enable VxRail customers to harden their VxRail in compliance with relevant Department of Defense (DoD) Security Technical Implementation Guidelines (STIG) requirements.

What’s new:

  • Support for VxRail deployments leveraging Internal DNS
  • Includes and installs prerequisite software automatically to support dark site installations
  • Allow for opt-out of default DoD banner text
  • Application Security Development STIG V5, Release 3
  • Apache Tomcat Application Server 9 STIG V2, Release 5
  • VMware vSphere 7.0 vCenter STIG V1, Release 2
  • Network Device Management STIG, V4, Release 4
  • VMware vSphere 7.0 ESXi STIG V1, Release 2

VxRail Support:

The VxRail STIG Hardening Package supports standard VxRail deployments with either external or internal DNS starting with the 2.3.000 releaseEarlier STIG releases support external DNS only.  

Any other non-standard deployment, including vCenter(s) managing multiple VxRail clusters and stretched or 2-node clusters, are not supported. 

The VxRail STIG Hardening Package is not supported on 8.x.

The VxRail STIG Hardening Package no longer supports VxRail 4.7.x versions running SUSE Linux Enterprise Server version 12.

VxRail STIG hardening for resource management software frequently operated alongside VxRail, such as VCF, NSX-V, NSX-T, and SDDC Manager are not yet supported.

Users can implement the STIG Hardening Package in one of two ways:

  • Dell Deployment Services installation of the STIG Hardening Package (see CAUTION below)
    • If you prefer the VxRail STIG Hardening Package to be installed as a service, contact your Dell Technologies sales team representative for custom deployment services quote.
  • Self-installation of the STIG Hardening Package (see CAUTION below)
    • The VxRail STIG Hardening Package and documentation are available for download from the following links:
    • The downloadable STIG Hardening Package is for self-installation only. The Support Services team is not authorized to provide instructional information about STIG Hardening. After reviewing the STIG Hardening Package documentation, if you are uncertain about the execution methods, we recommend contacting your Dell Technologies sales team representative for a custom deployment services quote.


      CAUTION: The user assumes all risks that are associated with hardening the VxRail environment when choosing to install the VxRail STIG Hardening Package. Dell Technologies assumes no responsibility and shall not be liable for system failures or loss of data due to VxRail STIG Hardening Package execution in the user's environment. Performing the VxRail STIG Hardening procedures incorrectly and without a backout plan may put the VxRail environment at risk of having to perform a factory reset. This could ultimately result in data loss.


    Article Properties

    Affected Product

    VxRail Appliance Series


    VxRail Appliance Family, VxRail Appliance Series, VxRail Software

    Last Published Date

    20 Dec 2023



    Article Type

    How To