The security team at the customer end suggests some configuration changes within VMware NSX Ubuntu OS, which they have suggested as per the CIS benchmark standards.

The configuration changes include changing file permissions, disabling internal network protocols, or altering system daemons.

VMware NSX

VMware NSX is distributed as a pre-packaged, purpose-built appliance. While it runs on an Ubuntu base, that OS is heavily customized, tuned, and tightly coupled with the NSX management and control plane services. Applying generic CIS Linux benchmarks (like changing file permissions, disabling internal network protocols, or altering system daemons) can easily break the fragile dependencies between the OS and the NSX software.

Therefore, any configuration changes or modification on the VMware NSX appliances or Edge appliance operating system are not supported by Broadcom.