UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO/NSO will ensure if 802.1x Port Authentication is implemented, re-authentication must occur every 60 minutes.


Overview

Finding ID Version Rule ID IA Controls Severity
V-5624 NET-NAC-012 SV-5624r1_rule ECSC-1 Medium
Description
Eliminating unauthorized access to the network from inside the enclave is vital to keeping a network secure. Internal access to the private network is enabled by simply connecting a workstation or laptop to a wall plate or access point located in the work area.
STIG Date
Perimeter L3 Switch Security Technical Implementation Guide - Cisco 2016-01-04

Details

Check Text ( C-3773r1_chk )
Review the switch configuration for the following interface command: dot1x reauthentication

Once re-authentication is enabled, the default is 60 minutes.

The interval can be made smaller. For example, if you would want re-authentication to occur every 30 minutes, you would configure the following interface commnand: dot1x timeout reauth-period 1800
Fix Text (F-5535r1_fix)
Ensure 802.1x reauthentication occurs every 60 minutes.