Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network device must not be configured to have any feature enabled that calls home to the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-243238 | WLAN-NW-001300 | SV-243238r720169_rule | Medium |
| Description |
|---|
| Call-home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. (See SRG-NET-000131-RTR-000083.) |
| STIG | Date |
|---|---|
| Network WLAN Controller Platform Security Technical Implementation Guide | 2021-04-16 |
Details
| Check Text ( C-46513r720167_chk ) |
|---|
| Review the device configuration to determine if the call home service or feature is disabled on the device. If the call home service is enabled on the device, this is a finding. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |
| Fix Text (F-46470r720168_fix) |
|---|
| Configure the network device to disable the call home service or feature. Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave. |