Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-5644 | NET1071 | SV-5644r2_rule | ECSC-1 | Medium |
Description |
---|
TFTP that contains network element configurations and images must only be connected to the management network to enforce restricted and limited access. |
STIG | Date |
---|---|
Network Devices Security Technical Implementation Guide | 2017-12-07 |
Check Text ( C-3657r2_chk ) |
---|
Review the layer 2 and layer 3 network topology to determine what network the TFTP server is connected to. Verify that the server has been configured or assigned an IP address that belongs to the management network. |
Fix Text (F-5555r2_fix) |
---|
Connect the TFTP server only to the management network. |