Free DISA STIG and SRG Library | Vaulted

V-67195

The Arista Multilayer Switch must be updated to one of the minimum approved versions of EOS.

Finding ID
AMLS-NM-000500
Rule ID
SV-81685r1_rule
Severity
Cat III
CCE
(None)
Group Title
SRG-APP-000516-NDM-000317
CCI
CCI-000366
Target Key
(None)
Documentable
No
Discussion

The Arista Multilayer Switch uses the EOS operating system. Updates to EOS contain new security-related features and security patches that address known vulnerabilities. Running a current DoD-approved software version improves the security posture of the network device.

Fix Text

Configure the Arista Multilayer Switch to use an approved software version. Download the approved version from www.arista.com/support, copy the .swi file to flash via an approved file transfer mechanism, and then enter: Enable Configure Boot system flash:<your_image.swi> Write memory reload

Check Content

Verify the Arista Multilayer Switch configuration using the “Show version” command. Review the software image version, and verify it is a minimum DoD-approved version. The current approved minimum versions are 4.16.0F, 4.15.3F, 4.14.11M, or later. If the Arista Multilayer Switch is not using a minimum approved versions of EOS, this is a finding.