The network device must protect non-local maintenance sessions by separating the maintenance session from other network sessions with the device, by using either physically separated communications paths, or logically separated communications paths based upon encryption.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000175-NDM-000134 | SRG-NET-000175-NDM-000134 | SRG-NET-000175-NDM-000134_rule | Medium |
| Description |
|---|
| Non-local maintenance and diagnostic activities are those activities conducted by individuals communicating through a network; either an external network (e.g., the Internet) or an internal network. Local maintenance and diagnostic activities are those activities carried out by individuals physically present at the information system or information system component and not communicating across a network connection. |
| STIG | Date |
|---|---|
| Network Device Management Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000175-NDM-000134_chk ) |
|---|
| Verify the network device protects non-local maintenance sessions by separating the maintenance session from other network sessions with the device, by using either physically separated communication paths, or logically separated communications paths based on encryption. If the network device does not protect non-local maintenance sessions by separating the maintenance session from other network sessions, this is a finding. |
| Fix Text (F-SRG-NET-000175-NDM-000134_fix) |
|---|
| Configure the network device to protect non-local maintenance sessions by separating the maintenance session from other network sessions with the device, by using either physically separated communication paths, or logically separated communications paths based on encryption. |