Skip to content
Log In

SEL-2740S L2S Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000148-L2S-000015

    Group
    Show

  • The SEL-2740S must uniquely identify all network-connected endpoint devices before establishing any connection.

    Controlling LAN access via identification of connecting hosts can assist in preventing a malicious user from connecting an unauthorized PC to a switch port to inject or receive data from the networ...
    Rule High Severity
    Show

  • The SEL-2740S -must be configured to limit excess bandwidth and denial of service (DoS) attacks.

    Denial of service is a condition when a resource is not available for legitimate users. Packet flooding DDoS attacks are referred to as volumetric attacks and have the objective of overloading a ne...
    Rule Medium Severity
    Show

  • The SEL-2740S must be configured to mitigate the risk of ARP cache poisoning attacks.

    The SEL-2740S must deter ARP cache poisoning attacks and configure the specific ARP flows that are only necessary to the control system network.
    Rule Medium Severity
    Show

  • SRG-NET-000512-L2S-000029

    Group
    Show

  • The SEL-2740S must be configured to capture all packets without flow rule match criteria.

    The OTSDN switch must be capable of capturing frames that are not engineered to be in the network and send them to a Security Information and Event Manager (SIEM) or midpoint sensor for analysis.
    Rule Medium Severity
    Show

  • SRG-NET-000512-L2S-000030

    Group
    Show

  • The SEL-2740S must be configured to permit the allowed and necessary ports, functions, protocols, and services.

    A compromised switch introduces risk to the entire network infrastructure as well as data resources that are accessible via the network. The perimeter defense has no oversight or control of attacks...
    Rule Medium Severity
    Show

  • SRG-NET-000193-L2S-000020

    Group
    Show

  • SRG-NET-000362-L2S-000027

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules