Skip to content

SEL-2740S L2S Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The SEL-2740S must be configured to capture flows for real-time visualization tools.

    Without the capability to remotely view/hear all content related to a user session, investigations into suspicious user activity would be hampered. Real-time monitoring allows authorized personnel ...
    Rule Medium Severity
  • SRG-NET-000362-L2S-000024

    Group
  • The SEL-2740S must be configured to prevent packet flooding and bandwidth saturation.

    Access layer switches use the Content Addressable Memory (CAM) table to direct traffic to specific ports based on the VLAN number and the destination MAC address of the frame. When a router has an ...
    Rule Medium Severity
  • SRG-NET-000362-L2S-000026

    Group
  • SEL-2740S flow rules must include the host IP addresses that are bound to designated SEL-2740S ports for ensuring trusted host access.

    IP Source Guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host's IP address. The feature use...
    Rule Medium Severity
  • The SEL-2740S must authenticate all network-connected endpoint devices before establishing any connection.

    Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. For distributed architectures (e.g., service-oriented architectures), th...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules