Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
SAN devices are not added to the site System Security Authorization Agreement (SSAA).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6609 | SAN04.001.00 | SV-6729r1_rule | Low |
| Description |
|---|
| All hardware and software will be entered into the SSAA. This gives a central location where it can be shown that all interested parties have reviewed the impact on their security posture and approved the implementation of the SAN. The IAO/NSO will ensure that SAN devices are added to the site System Security Authorization Agreement (SSAA). |
| STIG | Date |
|---|---|
| Storage Area Network STIG | 2018-10-03 |
Details
| Check Text ( C-2439r1_chk ) |
|---|
| The reviewer will interview the IAO/NSO to validate that SAN devices are added to the site System Security Authorization Agreement (SSAA). |
| Fix Text (F-6198r1_fix) |
|---|
| Update the SSAA following the SSAA review and acceptance procedures to include the SAN. |