The information system must retain the session lock until the user reestablishes access using established identification and authentication procedures.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-26818	SRG-NET-NA	SV-34068r1_rule		Medium

Description
With a router or firewall—at least Cisco, as any configuration changes are made, they are applied to the running configuration. There is nothing lost. If the user has not saved the running configuration to non-volatile random-access memory (NVRAM), it can be done by logging back in. Furthermore, a desktop or laptop is used to connect to the router, switch, or firewall. The routers, switches, and firewalls have the idle timeout capability where the session is taken down after a period of inactivity. This is a simple and straightforward solution.

Description

With a router or firewall—at least Cisco, as any configuration changes are made, they are applied to the running configuration. There is nothing lost. If the user has not saved the running configuration to non-volatile random-access memory (NVRAM), it can be done by logging back in. Furthermore, a desktop or laptop is used to connect to the router, switch, or firewall. The routers, switches, and firewalls have the idle timeout capability where the session is taken down after a period of inactivity. This is a simple and straightforward solution.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None