The layer 2 switch must re-authenticate all endpoint devices every 60 minutes or less.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-62159 | SRG-NET-000151-L2S-000018 | SV-76649r1_rule | Medium |
| Description |
|---|
| Eliminating unauthorized access to the network from inside the enclave is vital to keeping a network secure. Internal access to the private network is enabled by simply connecting a workstation or laptop to a wall plate or access point located in the work area. |
| STIG | Date |
|---|---|
| Layer 2 Switch Security Requirements Guide | 2018-05-22 |
Details
| Check Text ( C-62963r2_chk ) |
|---|
| Review the configuration for all host-facing access switch ports and verify that re-authentication is specified to occur every 60 minutes or less. If 802.1x re-authentication does not occur every 60 minutes or less, this is a finding. |
| Fix Text (F-68079r1_fix) |
|---|
| Configure the 802.1x implementation on all host-facing access switch ports to enable re-authentication every 60 minutes or less. |