Skip to content
Log In

Dell OS10 Switch Layer 2 Switch Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000148-L2S-000015

    Group
    Show

  • The Dell OS10 Switch must uniquely identify all network-connected endpoint devices before establishing any connection.

    Controlling LAN access via 802.1x authentication can assist in preventing a malicious user from connecting an unauthorized PC to a switch port to inject or receive data from the network without det...
    Rule High Severity
    Show

  • SRG-NET-000193-L2S-000020

    Group
    Show

  • SRG-NET-000362-L2S-000021

    Group
    Show

  • The Dell OS10 Switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts.

    Spanning Tree Protocol (STP) does not provide any means for the network administrator to securely enforce the topology of the switched network. Any switch can be the root bridge in a network. Howev...
    Rule Low Severity
    Show

  • SRG-NET-000362-L2S-000022

    Group
    Show

  • The Dell OS10 Switch must have BPDU Guard enabled on all user-facing or untrusted access switch ports.

    If a rogue switch is introduced into the topology and transmits a Bridge Protocol Data Unit (BPDU) with a lower bridge priority than the existing root bridge, it will become the new root bridge and...
    Rule Medium Severity
    Show

  • SRG-NET-000362-L2S-000023

    Group
    Show

  • SRG-NET-000362-L2S-000024

    Group
    Show

  • The Dell OS10 Switch must have Unknown Unicast Flood Blocking (UUFB) enabled.

    Access layer switches use the Content Addressable Memory (CAM) table to direct traffic to specific ports based on the VLAN number and the destination MAC address of the frame. When a router has an ...
    Rule Medium Severity
    Show

  • SRG-NET-000362-L2S-000025

    Group
    Show

  • SRG-NET-000362-L2S-000026

    Group
    Show

  • SRG-NET-000362-L2S-000027

    Group
    Show

  • SRG-NET-000512-L2S-000001

    Group
    Show

  • SRG-NET-000512-L2S-000002

    Group
    Show

  • SRG-NET-000512-L2S-000003

    Group
    Show

  • SRG-NET-000512-L2S-000004

    Group
    Show

  • SRG-NET-000512-L2S-000007

    Group
    Show

  • The Dell OS10 Switch must have all disabled switch ports assigned to an unused VLAN.

    It is possible that a disabled port that is assigned to a user or management VLAN becomes enabled by accident or by an attacker and as a result gains access to that VLAN as a member.
    Rule Medium Severity
    Show

  • SRG-NET-000512-L2S-000008

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules