UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system administrator will ensure in-band management access to the device is secured using FIPS 140-2 approved encryption or hash algorithms such as AES, 3DES, SSH, or TLS / SSL.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3069 NET1638 SV-3069r7_rule ECSC-1 Medium
Description
Remote administration using non-FIPS 140-2 compliant encryption is inherently dangerous because anyone with a sniffer and access to the right LAN segment can acquire the device's account and password information. With this intercepted information they could gain access to the device and cause denial of service attacks, intercept sensitive information, or perform other destructive actions.
STIG Date
WMAN Bridge 2011-10-07

Details

Check Text ( C-3532r2_chk )
Base Procedure: Review the Inband management interfaces and determine if the access to the device is encrypted as required.
Fix Text (F-3094r4_fix)
The SA will ensure access to network devices comply with approved FIPS 140-2.