Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. Infrastructure L3 Switch Security Technical Implementation Guide
  3. V-3175

V-3175

The network device must require authentication prior to establishing a management connection for administrative access.

Finding ID
NET1636
Rule ID
SV-3175r5_rule
Severity
Cat I
CCE
(None)
Group Title
Management connections must require passwords.
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Network devices with no password for administrative access via a management connection provide the opportunity for anyone with network access to the device to make configuration changes enabling them to disrupt network operations resulting in a network outage.

Fix Text

Configure authentication for all management connections.

Check Content

Review the network device configuration to verify all management connections for administrative access require authentication. If authentication isn't configured for management access, this is a finding.

Responsibility

Information Assurance Officer

Vaulted is more than a library.

SIGN UP FOR FREE