
The network device must fail to an organizationally defined known state for organizationally defined types of failures.


Overview

Finding ID: SRG-NET-000235-NDM-000174
Version: SRG-NET-000235-NDM-000174
Rule ID: SRG-NET-000235-NDM-000174_rule
IA Controls:
Severity: Low

Description
Failure to a known state can address safety or security in accordance with the mission needs of the organization. Failure to a state that is known to be secure helps prevent the loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. An example of this would be an organizational policy that network devices be configured to "fail closed", so if a network device failure occurs, all data transit through the network device must stop and no new sessions can pass through the network device.

STIG: Network Device Management Security Requirements Guide
Date: 2013-07-30

Details

Check Text (C-SRG-NET-000235-NDM-000174_chk)
Examine the configuration settings for hardware and/or application failover of the network device.
Verify the network device is configured to fail to an organizationally defined secure state. Verify this secure state prevents or limits unauthorized, unaudited access.

If the system failover or hardware/software failure settings are not configured to fail to an organizationally defined known state for organizationally defined types of failures, this is a finding.

Fix Text (F-SRG-NET-000235-NDM-000174_fix)
Configure the system failover or hardware/software failure settings to fail to an organizationally defined known state for organizationally defined types of failures.
Configure an organizationally defined state that prevents or limits unauthorized, unaudited access.