UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The SAN is not configured to use FIPS 140-1/2 validated encryption algorithm to protect management-to-fabric communications.


Overview

Finding ID Version Rule ID IA Controls Severity
V-6639 SAN04.016.00 SV-6783r1_rule Low
Description
The communication between the SAN management consol and the SAN fabric carries sensitive privileged configuration data. This data's confidentiality will be protected with FIPS 140-1/2 validate algorithm for encryption. Configuration data could be used to create a denial of service by disrupting the SAN fabric. The storage administrator will configure the SAN to use FIPS 140-1/2 validated encryption algorithm to protect management-to-fabric communications.
STIG Date
Storage Area Network STIG 2019-06-28

Details

Check Text ( C-2555r1_chk )
The reviewer will, with the assistance of the storage administrator, verify that the SAN is configured to use FIPS 140-1/2 validated encryption algorithm to protect management-to-fabric communications.
Fix Text (F-6240r1_fix)
Develop a plan to implement FIPS-140-1/2 validated encryption to protect management-to-fabric communications. Obtain CM approval of the plan and execute the plan.