FIPS 140-2 validated Link encryption mechanisms are not being used to provide end-to-end security of all data streams entering the remote access port of a telephone switch.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7994	DSN18.09	SV-8480r1_rule	ECCT-1 ECSC-1	unknown

Description
Requirement: The IAO will ensure that a FIPS 140-2 validated encryption mechanism is used to provide security of all data streams between the management port of the DSN component and a remote management station whether connected via a modem or network. The most secure authenticated session to any remote system is accomplished via a secure connection. Encryption provides confidentiality and should be used, if possible, to secure remote access connections to DSN administration/maintenance ports.

Description

Requirement: The IAO will ensure that a FIPS 140-2 validated encryption mechanism is used to provide security of all data streams between the management port of the DSN component and a remote management station whether connected via a modem or network. The most secure authenticated session to any remote system is accomplished via a secure connection. Encryption provides confidentiality and should be used, if possible, to secure remote access connections to DSN administration/maintenance ports.

STIG	Date
Defense Switched Network STIG	2015-01-02

Details

Check Text ( C-7372r1_chk )
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable.

Fix Text (F-7569r1_fix)
Ensure that FIPS 140-2 validated link encryption mechanisms are implemented for all dial-up/remote connections to the administration/maintenance ports of the DSN system.