Arista MLS DCS-7000 Series L2S Security Technical Implementation Guide

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Arista MLS DCS-7000 Series L2S Security Technical Implementation Guide

Overview

Version	Date	Finding Count (5)			Downloads
1	2018-11-28 2015-07-06 2015-07-06 2015-07-06 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29 2016-03-29	CAT I (High): 0	CAT II (Med): 5	CAT III (Low): 0	Excel	JSON	XML

STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive	II - Mission Support Classified	II - Mission Support Public	II - Mission Support Sensitive	III - Administrative Classified	III - Administrative Public	III - Administrative Sensitive

Findings (MAC III - Administrative Sensitive)

Finding ID	Severity	Title	Description
V-60831	Medium	The Arista Multilayer Switch must authenticate 802.1X connected devices before establishing any connection.	Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. For distributed architectures (e.g., service-oriented architectures),...
V-60825	Medium	The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based.	Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity on the network. Bidirectional authentication provides stronger safeguards...
V-60813	Medium	The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.	Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The flow of all network traffic must be monitored and controlled so...
V-60823	Medium	The Arista Multilayer Switch must uniquely identify all network-connected endpoint devices before establishing any connection.	Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. For distributed architectures (e.g., service-oriented architectures), the...
V-60821	Medium	The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.	Information flow control regulates where information is allowed to travel within a network and between interconnected networks. The flow of all network traffic must be monitored and controlled so...