Skip to content
Log In

HP FlexFabric Switch NDM Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000167-NDM-000255

    Group
    Show

  • SRG-APP-000168-NDM-000256

    Group
    Show

  • If multifactor authentication is not supported and passwords must be used, the HP FlexFabric Switch must enforce password complexity by requiring that at least one numeric character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000169-NDM-000257

    Group
    Show

  • If multifactor authentication is not supported and passwords must be used, the HP FlexFabric Switch must enforce password complexity by requiring that at least one special character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000173-NDM-000260

    Group
    Show

  • The HP FlexFabric Switch must enforce 24 hours/1 day as the minimum password lifetime.

    Enforcing a minimum password lifetime helps prevent repeated password changes to defeat the password reuse or history enforcement requirement. Restricting this setting limits the user's ability to...
    Rule Medium Severity
    Show

  • SRG-APP-000174-NDM-000261

    Group
    Show

  • The HP FlexFabric Switch must enforce a 60-day maximum password lifetime restriction.

    Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed at specific intervals. One method of minimizing this risk is to use complex passwords and p...
    Rule Medium Severity
    Show

  • SRG-APP-000175-NDM-000262

    Group
    Show

  • SRG-APP-000177-NDM-000263

    Group
    Show

  • The HP FlexFabric Switch must map the authenticated identity to the user account for PKI-based authentication.

    Authorization for access to any network device requires an approved and assigned individual account identifier. To ensure only the assigned individual is using the account, the account must be boun...
    Rule Medium Severity
    Show

  • SRG-APP-000190-NDM-000267

    Group
    Show

  • SRG-APP-000296-NDM-000280

    Group
    Show

  • Network devices must provide a logoff capability for administrator-initiated communication sessions.

    If an administrator cannot explicitly end a device management session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session.
    Rule Medium Severity
    Show

  • SRG-APP-000319-NDM-000283

    Group
    Show

  • The HP FlexFabric Switch must automatically audit account enabling actions.

    Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to simply...
    Rule Medium Severity
    Show

  • SRG-APP-000320-NDM-000284

    Group
    Show

  • SRG-APP-000328-NDM-000286

    Group
    Show

  • If the HP FlexFabric Switch uses discretionary access control, the HP FlexFabric Switch must enforce organization-defined discretionary access control policies over defined subjects and objects.

    Discretionary Access Control (DAC) is based on the notion that individual network administrators are "owners" of objects and therefore have discretion over who should be authorized to access the ob...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules