SEL-2740S NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000108-NDM-000232
<GroupDescription></GroupDescription>Group -
The SEL-2740S must alert the ISSO and SA (at a minimum) in the event of an audit processing failure.
<VulnDiscussion>It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required....Rule Medium Severity -
SRG-APP-000125-NDM-000241
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to send log data to a Syslog server or collected by another parent OTSDN Controller.
<VulnDiscussion>Protection of log data includes assuring log data is not accidentally lost or deleted. Regularly backing up audit records to ...Rule Medium Severity -
SRG-APP-000371-NDM-000296
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to compare internal information system clocks at least every 24 hours with an authoritative time server.
<VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the cor...Rule Medium Severity -
SRG-APP-000372-NDM-000297
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to synchronize internal system clocks with an authoritative time source.
<VulnDiscussion>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the cor...Rule Medium Severity -
SRG-APP-000373-NDM-000298
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to maintain internal system clocks with a backup authoritative time server.
<VulnDiscussion>The loss of connectivity to a particular authoritative time source will result in the loss of time synchronization (free-run ...Rule Medium Severity -
SRG-APP-000412-NDM-000331
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be adopted by OTSDN Controllers for secure communication identifiers and initial trust for configuration of remote maintenance and diagnostic communications.
<VulnDiscussion>This requires the use of secure protocols instead of their unsecured counterparts, such as SSH instead of telnet, SCP instead...Rule High Severity -
SRG-APP-000435-NDM-000315
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to permit the maintenance and diagnostics communications to specified OTSDN Controller(s).
<VulnDiscussion>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot ac...Rule Medium Severity -
SRG-APP-000516-NDM-000344
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be adopted by OTSDN Controller(s) and obtain its public key certificates from an appropriate certificate policy through an approved service provider.
<VulnDiscussion>For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB p...Rule Medium Severity -
SRG-APP-000516-NDM-000317
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to establish trust relationships with parent OTSDN Controller(s).
<VulnDiscussion>Machine to machine initial trust must be established between the OTSDN controller and the SEL-2740S for authenticating all co...Rule Medium Severity -
SRG-APP-000516-NDM-000317
<GroupDescription></GroupDescription>Group -
The SEL-2740S must be configured to send log data to a syslog server for the purpose of forwarding alerts to the administrators and the ISSO.
<VulnDiscussion>Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestab...Rule Medium Severity -
SRG-APP-000395-NDM-000347
<GroupDescription></GroupDescription>Group -
The SEL-2740S must authenticate Network Time Protocol sources using authentication that is cryptographically based.
<VulnDiscussion>If Network Time Protocol is not authenticated, an attacker can introduce a rogue NTP server. This rogue server can then be us...Rule Medium Severity -
SRG-APP-000516-NDM-000342
<GroupDescription></GroupDescription>Group -
The SEL-2740S must employ automated mechanisms to assist in the tracking of security incidents.
<VulnDiscussion>Despite the investment in perimeter defense technologies, enclaves are still faced with detecting, analyzing, and remediating...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.