UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

An OAM&P / NM and CTI network/LAN is connected to the local general use (base) LAN without appropriate boundary protection.


Overview

Finding ID Version Rule ID IA Controls Severity
V-8542 DSN04.09 SV-9039r1_rule DCID-1 DCPA-1 EBCR-1 ECSC-1 Medium
Description
Requirement: The IAO will ensure that OAM&P / NM and CTI networks are not connected to the local general use (base) WAN. The requirement to dedicate OAM&P / NM and CTI networks or LANS is to protect the particular solution from threats from sources external to the solution. Connecting these dedicated LANs to a WAN negates this protection unless a proper boundary is created. Such a boundary should be a firewall. Access to the dedicated LAN and the devices on it from the WAN must be filtered by source and destination IP addresses as well as the specific ports and protocols that are required or permitted to cross the boundary.
STIG Date
Defense Switched Network (DSN) STIG 2015-06-30

Details

Check Text ( C-7372r1_chk )
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices. Inspect configuration files as applicable.
Fix Text (F-8033r1_fix)
> Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.