An OAM&P / NM or CTI network DOES NOT comply with the Enclave and/or Network Infrastructure STIGs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-8541 | DSN04.10 | SV-9038r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Requirement: The IAO will ensure that OAM&P / NM and CTI networks comply with the Enclave and Network Infrastructure STIGs. OAM&P / NM and CTI networks must comply with the requirements contained in the Enclave and Network Infrastructure STIGs so that the threats and/or vulnerabilities associated with all networks and enclaves are properly mitigated according to DoD policy. |
| STIG | Date |
|---|---|
| Defense Switched Network STIG | 2015-01-02 |
Details
| Check Text ( C-7701r1_chk ) |
|---|
| Obtain a copy of Network and Enclave SRRs or Self Assessment results and review for compliance OR perform Network and Enclave SRRs on the OAM&P / NM and/or CTI network. If there are a significant number of findings reported or if an applicable STIG was not applied, this is a finding. Note: Voice/Video/RTS and/or OAM&P / NM and/or CTI network systems and devices are required to be tested, certified, accredited by the DSAWG and listed on the DSN APL. Each specific Voice/Video/RTS system or device may be approved while having certain open findings that are approved in light of certain mitigations. Such open findings are not to be considered in the status determination of this requirement. |
| Fix Text (F-8041r1_fix) |
|---|
| Configure all OAM&P / NM or CTI networks in accordance with the Enclave and Network Infrastructure STIGs while taking into account any DSAWG approved open findings and their mitigations for the given solution. |