The network element must employ cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-27465	SRG-NET-000219	SV-34774r1_rule		Medium

Description
Whether a network is being managed locally or from a Network Operations Center (NOC), achieving network management objectives depends on comprehensive and reliable network management solutions. To protect the integrity and confidentiality of non-local maintenance and diagnostics, all packets associated with these sessions must be encrypted. During the authentication process, malicious users can gain knowledge of passwords during authentication process by sniffing local traffic between the network element and the authentication server. It is imperative the authentication process and the transmission of network management traffic implements cryptographic modules adhering to the higher standards approved by the federal government.

Description

Whether a network is being managed locally or from a Network Operations Center (NOC), achieving network management objectives depends on comprehensive and reliable network management solutions. To protect the integrity and confidentiality of non-local maintenance and diagnostics, all packets associated with these sessions must be encrypted. During the authentication process, malicious users can gain knowledge of passwords during authentication process by sniffing local traffic between the network element and the authentication server. It is imperative the authentication process and the transmission of network management traffic implements cryptographic modules adhering to the higher standards approved by the federal government.

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None