The network element must display an approved banner to the administrator and is retained on the screen until the administrator takes explicit actions to log on.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-26802	SRG-NET-000042	SV-34052r1_rule		Medium

Description
All network devices must present a DoD approved warning banner prior to a system administrator logging on. The banner should warn any unauthorized user not to proceed. It also should provide clear and unequivocal notice to both authorized and unauthorized personnel that access to the device is subject to monitoring to detect unauthorized usage. Failure to display the required login warning banner prior to logon attempts will limit DISA’s ability to prosecute unauthorized access and also presents the potential to give rise to criminal and civil liability for systems administrators and information systems managers. In addition, DISA’s ability to monitor the device’s usage is limited unless a proper warning banner is displayed.

Description

All network devices must present a DoD approved warning banner prior to a system administrator logging on. The banner should warn any unauthorized user not to proceed. It also should provide clear and unequivocal notice to both authorized and unauthorized personnel that access to the device is subject to monitoring to detect unauthorized usage. Failure to display the required login warning banner prior to logon attempts will limit DISA’s ability to prosecute unauthorized access and also presents the potential to give rise to criminal and civil liability for systems administrators and information systems managers. In addition, DISA’s ability to monitor the device’s usage is limited unless a proper warning banner is displayed.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None