UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Information Assurance - Network Connections - Physical Protection of Unclassified (NIPRNet) Network Devices such as Routers, Switches and Hubs


Overview

Finding ID Version Rule ID IA Controls Severity
V-31190 IA-12.02.01 SV-41372r2_rule DCPP-1 EBCR-1 ECND-2 ECTM-2 PESS-1 Medium
Description
Unclassified (NIPRNet) network connections that are not properly protected in their physical environment are highly vulnerable to unauthorized access, resulting in the probable loss or compromise of sensitive information such as personally identifiable information (PII) or For Official Use Only (FOUO).
STIG Date
Traditional Security 2013-07-11

Details

Check Text ( C-39920r5_chk )
1. Check that ALL network connections (on NIPRNet or other Unclassified Network under review) such as routers, switches, and hubs must are secured in a locked communications closet/room OR secured in a cabinet if the equipment is located in a room that is accessed by non-network personnel.

2. Ensure the locked room or cabinet cannot be easily accessed without forceable entry. Also ensure that proper key control procedures are used for ALL keys associated with both communication room doors and/or equipment cabinet doors.

3. ANY discrepancies with the above guidelines will result in a finding.

TACTICAL ENVIRONMENT: The check is applicable for fixed tactical processing environments. It is assumed the type of equipment referenced will be in a fixed environment. Not applicable to a field/mobile environment.
Fix Text (F-35098r4_fix)
1. All network connections (on NIPRNet or other Unclassified Network under review) such as routers, switches, and hubs must be secured within a locked communications closet/room OR secured within a cabinet if the equipment is located in a room that is accessed by non-network personnel.

2. The locked room or cabinet must be adequately secured so that it cannot be easily accessed without forceable entry.

3. Proper key control procedures must be in place for associated keys used to secure doors to communications rooms AND equipment cabinets.

NOTE: Because locks and keys to equipment cabinets are often inferior and do not provide for adequate physical protection it is recommended that a metal hasp be attached (using rivets or other means that cannot be removed without evidence of forceable entry) to equipment cabinets securing network equipment. General Services Administration (GSA) Medium Security Keyed Padlocks or (preferably) the S&G 8077 Changeable Combination Padlock should then be used to secure the cabinet using the hasp.