When using a software-based isolation mechanism to share a physical server’s hardware, the configuration of the isolation mechanism is hardened by removing unneeded functionality and restricting access to the administrative interface used to manage the isolation mechanism.
Topic
Functional separation between computing environments
Applicable to
all
History
Aug 2020
When using a software-based isolation mechanism to share a physical server’s hardware, the configuration of the isolation mechanism is hardened by removing unneeded functionality and restricting access to the administrative interface used to manage the isolation mechanism.
Security control 1460 was split into 5 different security controls (i.e. 1460, 1604 1605, 1606 and 1607) to allow for sufficient focus on each aspect of hardening software-based isolation mechanisms.