
The network devices must require authentication prior to establishing a management connection for administrative access.


Overview

Finding ID: V-3175
Version: NET1636
Rule ID: SV-15448r4_rule
IA Controls:
Severity: High
Description
Network devices with no password for administrative access via a management connection give anyone with network access to the device the opportunity to make configuration changes, enabling them to disrupt network operations and cause a network outage.
STIG: Perimeter Router Security Technical Implementation Guide Cisco
Date: 2018-08-23

Details

Check Text (C-12913r8_chk)
Review the network device configuration to verify all management connections for administrative access require authentication.

aaa authentication login AUTH_LIST group tacacs+ local
!
line vty 0 4
 login authentication AUTH_LIST
 exec-timeout 10 0
 transport input ssh

Alternatively, the default method list can be used, as shown in the example below.

aaa authentication login default group tacacs+ local
!
line vty 0 4
 exec-timeout 10 0
 transport input ssh

Fix Text (F-3200r3_fix)
Configure authentication for all management connections.
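
The check above can be scripted against a saved configuration. The following is an added example, not part of the STIG: it flags every con, aux or vty line that matches neither pattern shown in the check text (a named list applied with login authentication, or a defined default list). As an addition beyond the check text, it also flags a method list that contains the IOS none method; the sample configuration and the list name CONSOLE are constructed.

```python
import re

# Constructed sample: vty 0 4 follows the page's named-list pattern, but
# vty 5 15 names no list (and no default exists) and CONSOLE permits "none".
SAMPLE = """\
aaa authentication login AUTH_LIST group tacacs+ local
aaa authentication login CONSOLE none
!
line con 0
 login authentication CONSOLE
line vty 0 4
 login authentication AUTH_LIST
 transport input ssh
line vty 5 15
 transport input ssh
!
"""

def parse_config(text):
    """Return (method_lists, lines) parsed from IOS configuration text."""
    method_lists, lines, current = {}, {}, None
    for raw in text.splitlines():
        cmd = raw.strip()
        aaa = re.match(r"aaa authentication login (\S+) (.+)", cmd)
        applied = re.match(r"login authentication (\S+)", cmd)
        if aaa:
            method_lists[aaa.group(1)] = aaa.group(2).split()
        elif re.match(r"line (con|aux|vty) ", cmd):
            current = cmd
            lines[current] = "default"   # no explicit list means the default list
        elif cmd == "!":
            current = None
        elif applied and current:
            lines[current] = applied.group(1)
    return method_lists, lines

def audit(text):
    """List every management line whose login is not bound to a usable method list."""
    method_lists, lines = parse_config(text)
    findings = []
    for line, name in lines.items():
        methods = method_lists.get(name)
        if methods is None:
            findings.append(f"{line}: method list '{name}' is not defined")
        elif "none" in methods:
            findings.append(f"{line}: method list '{name}' allows 'none'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

The script evaluates only the AAA method-list patterns from the check text; line passwords and other non-AAA login settings still need manual review.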