UCF STIG Viewer Logo

Sun Ray Desktop Unit traffic is not isolated logically through the use of a dedicated VLAN or network segment.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16061 SUN0020 SV-17048r1_rule ECSC-1 Medium
Description
Isolated LANs provide a greater degree of security than traditional LANs since only authorized users and devices are allowed to connect. Authorized users and devices are configured through the use of access control lists. This logical separation provides better performance through broadcast reduction, and reduced configuration management for Sun Ray Desktop Unit device moves, additions, and changes.
STIG Date
Sun Ray 4 STIG 2015-04-02

Details

Check Text ( C-17104r1_chk )
Work with the network reviewer and system administrator to determine compliance. Request a copy of switch configuration to verify the ports that the Sun Ray server plugs into are configured to a dedicated VLAN. Below is an example of a VLAN that may be used for Sun Ray server traffic.

Cisco IOS Example:

Interface VLAN5
description “Network A”
ip address 192.168.1.25 255.255.255.0
no shutdown

interface VLAN 12
description “Network Sun Ray”
ip address 10.0.0.25 255.255.255.0
no shutdown

set interface sc0 10.0.0.25 255.255.255.0
Fix Text (F-16166r1_fix)
Isolate Sun Ray Desktop Unit traffic from other traffic.