UCF STIG Viewer Logo

SEL-2740S L2S Security Technical Implementation Guide


Overview

Date Finding Count (13)
2019-05-06 CAT I (High): 1 CAT II (Med): 12 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Sensitive)

Finding ID Severity Title
V-92263 High The SEL-2740S must uniquely identify all network-connected endpoint devices before establishing any connection.
V-92279 Medium The SEL-2740S must be configured to capture all packets without flow rule match criteria.
V-92283 Medium The SEL-2740S must be configured to forward only frames from allowed network-connected endpoint devices.
V-92281 Medium The SEL-2740S must be configured with backup flows for all host and switch flows to ensure proper failover scheme is in place for the network.
V-94587 Medium The SEL-2740S must authenticate all network-connected endpoint devices before establishing any connection.
V-92277 Medium The SEL-2740S must be configured to mitigate the risk of ARP cache poisoning attacks.
V-92319 Medium The SEL-2740S must be configured to capture flows for real-time visualization tools.
V-92325 Medium The SEL-2740S must be configured with ARP flow rules that are statically created with valid IP-to-MAC address bindings.
V-92313 Medium The SEL-2740S must be configured to permit the allowed and necessary ports, functions, protocols, and services.
V-92315 Medium The SEL-2740S -must be configured to limit excess bandwidth and denial of service (DoS) attacks.
V-92321 Medium The SEL-2740S must be configured to prevent packet flooding and bandwidth saturation.
V-92317 Medium The SEL-2740S must be configured to packet capture flows.
V-92323 Medium SEL-2740S flow rules must include the host IP addresses that are bound to designated SEL-2740S ports for ensuring trusted host access.