Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-8542 | DSN04.09 | SV-9039r1_rule | DCID-1 DCPA-1 EBCR-1 ECSC-1 | Medium |
Description |
---|
Requirement: The IAO will ensure that OAM&P / NM and CTI networks are not connected to the local general use (base) WAN. The requirement to dedicate OAM&P / NM and CTI networks or LANS is to protect the particular solution from threats from sources external to the solution. Connecting these dedicated LANs to a WAN negates this protection unless a proper boundary is created. Such a boundary should be a firewall. Access to the dedicated LAN and the devices on it from the WAN must be filtered by source and destination IP addresses as well as the specific ports and protocols that are required or permitted to cross the boundary. |
STIG | Date |
---|---|
Defense Switched Network (DSN) STIG | 2015-06-30 |
Check Text ( C-7372r1_chk ) |
---|
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable. |
Fix Text (F-8033r1_fix) |
---|
> Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy. |