UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must display an approved system use notification message (or banner) before granting access to the system.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000041-NDM-000028 SRG-NET-000041-NDM-000028 SRG-NET-000041-NDM-000028_rule Low
Description
All network devices must present a DoD-approved warning banner prior to a system administrator logging on. The banner should warn any unauthorized user not to proceed. It also should provide clear and unequivocal notice to both authorized and unauthorized personnel that access to the device is subject to monitoring to detect unauthorized usage. Failure to display the required login warning banner prior to login attempts will limit the ability to prosecute unauthorized access and also presents the potential to give rise to criminal and civil liability for systems administrators and information systems managers. In addition, DISA's ability to monitor the device's usage is limited unless a proper warning banner is displayed.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000041-NDM-000028_chk )
Configure all network device management interfaces to display an approved system use notification upon user login, regardless of the means of connection or communication.

If a warning banner is not displayed prior to allowing user access to the network device, this is a finding.
Fix Text (F-SRG-NET-000041-NDM-000028_fix)
Configure the network device management interfaces to display the authorized DoD warning banner text on or before the login page.