The network element must display an approved system use notification message or banner before granting access to the system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-26801	SRG-NET-000041	SV-34051r1_rule		Medium

Description
All network devices must present a DoD approved warning banner prior to a system administrator logging on. The banner should warn any unauthorized user not to proceed. It also should provide clear and unequivocal notice to both authorized and unauthorized personnel that access to the device is subject to monitoring to detect unauthorized usage. Failure to display the required login warning banner prior to logon attempts will limit the ability to prosecute unauthorized access and also presents the potential to give rise to criminal and civil liability for systems administrators and information systems managers. In addition, DISA’s ability to monitor the device’s usage is limited unless a proper warning banner is displayed.

Description

All network devices must present a DoD approved warning banner prior to a system administrator logging on. The banner should warn any unauthorized user not to proceed. It also should provide clear and unequivocal notice to both authorized and unauthorized personnel that access to the device is subject to monitoring to detect unauthorized usage. Failure to display the required login warning banner prior to logon attempts will limit the ability to prosecute unauthorized access and also presents the potential to give rise to criminal and civil liability for systems administrators and information systems managers. In addition, DISA’s ability to monitor the device’s usage is limited unless a proper warning banner is displayed.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None