UCF STIG Viewer Logo

The Enterprise System Connection (ESCON) Director (ESCD) Application Console must be located in a secure location


Overview

Finding ID Version Rule ID IA Controls Severity
V-24340 HLESC010 SV-29986r3_rule PECF-1 PECF-2 PEPF-1 PEPF-2 High
Description
The ESCD Application Console is used to add, change, and delete port configurations and dynamically switch paths between devices. If the ESCON Director Application Console is not located in a secured location, unauthorized personnel can bypass security, access the system, and alter the environment. This could impact the integrity and confidentiality of operations. NOTE: Many newer installations no longer support the ESCD Application Console. For installations not supporting the ESCD Application Console, this check is not applicable.
STIG Date
IBM Hardware Management Console (HMC) STIG 2017-09-28

Details

Check Text ( C-30356r3_chk )
If the ESCD Application Console is present, verify the location of the ESCD Application Console, otherwise this check is not applicable.

If the ESCON Director Application console is not located in a secure location this is a finding.
Fix Text (F-27118r1_fix)
Move the (ESCD) Console Application console to a secure location and implement access control procedures to ensure access by authorized personnel only.

An ESCD Console Application is used to provide data center personnel with an interface for displaying and
changing an ESCD'S connectivity attributes. It is also used to install, initialize, and service an ESCON Director.
Note: ESCD'S are slowly being phased out and are being replaced with FICON Directors.