Switch administration, ADIMSS, or other Network Management terminals are not located on a dedicated LAN.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-7930 | DSN04.01 | SV-8416r1_rule | ECSC-1 | Medium |
| Description |
|---|
| All Network Management and switch administration terminals connecting to the DSN are to be through a dedicated DSN network segment. Only authorized systems will be connected to this LAN. No other networks may interface with components that are connected to this LAN. By connecting in this controlled manner, many vulnerabilities that are associated with IP networks are eliminated. |
| STIG | Date |
|---|---|
| Defense Switched Network STIG | 2015-01-02 |
Details
| Check Text ( C-7311r1_chk ) |
|---|
| Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable. |
| Fix Text (F-7505r1_fix) |
|---|
| The ISSO/IAO will ensure that all DSN Network Management, switch administration components and other authorized systems are connected to a dedicated network and prohibit all connections to the ADMISS or other Network Management network that are not relevant to the operations of the DSN. |