
The network devices must require authentication prior to establishing a management connection for administrative access.


Overview

Finding ID: V-3175
Version: NET1636
Rule ID: SV-15448r4_rule
IA Controls:
Severity: High
Description
Network devices with no password for administrative access via a management connection allow anyone with network access to the device to make configuration changes, enabling them to disrupt network operations and cause a network outage.
STIG Date
Infrastructure L3 Switch Secure Technical Implementation Guide - Cisco 2018-11-27

Details

Check Text ( C-12913r8_chk )
Review the network device configuration to verify all management connections for administrative access require authentication.

aaa authentication login AUTH_LIST group tacacs+ local
!
line vty 0 4
 login authentication AUTH_LIST
 exec-timeout 10 0
 transport input ssh

Alternatively, the default method list can be used, as shown in the example below.

aaa authentication login default group tacacs+ local
!
line vty 0 4
 exec-timeout 10 0
 transport input ssh

Fix Text (F-3200r3_fix)
Configure authentication for all management connections.
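
The review described in the check text can be scripted against a saved running configuration. The following is an added example, not part of the STIG: the function name, verdict strings and sample configuration are constructed for illustration, and it recognises only the two AAA patterns shown above (a named method list applied to the line, or the default list), reporting anything else as a finding for manual review.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login AUTH_LIST group tacacs+ local
!
line con 0
 login authentication AUTH_LIST
line aux 0
 no login
line vty 0 4
 login authentication AUTH_LIST
 transport input ssh
line vty 5 15
 login authentication MISSING_LIST
"""

def audit_management_lines(config):
    """Return {line name: verdict} for every 'line ...' block in config."""
    lists = {}      # method-list name -> list of methods
    blocks = {}     # e.g. 'line vty 0 4' -> list of sub-commands
    current = None
    for raw in config.splitlines():
        text = raw.strip()
        m = re.match(r"aaa authentication login (\S+) (.+)", text)
        if m:
            lists[m.group(1)] = m.group(2).split()
        if raw.startswith("line "):
            current = text
            blocks[current] = []
        elif raw[:1].isspace() and current:
            # Assumes sub-commands are indented, as in 'show running-config'.
            blocks[current].append(text)
        else:
            current = None
    results = {}
    for name, cmds in blocks.items():
        explicit = [c.split()[2] for c in cmds if c.startswith("login authentication ")]
        chosen = explicit[0] if explicit else "default"   # no explicit list -> default
        if "no login" in cmds:
            results[name] = "FINDING: login disabled"
        elif chosen not in lists:
            results[name] = f"FINDING: method list {chosen} not defined"
        elif "none" in lists[chosen]:
            results[name] = f"FINDING: method list {chosen} falls back to none"
        else:
            results[name] = f"OK: {chosen}"
    return results
```

Console and auxiliary lines are checked along with the vty lines because the requirement covers all management connections.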