Storage Area Network STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Anti-virus on servers and host.
<GroupDescription></GroupDescription>Group -
Vendor supported, DOD approved, anti-virus software is not installed and configured on all SAN servers in accordance with the applicable operating system STIG on SAN servers and management devices and kept up-to-date with the most recent virus definition tables.
<VulnDiscussion>The SAN servers and other hosts are subject to virus and worm attacks as are any systems running an OS. If the anti-virus so...Rule High Severity -
SAN Topology Drawing
<GroupDescription></GroupDescription>Group -
SAN Fabric Zoning List Deny-By-Default
<GroupDescription></GroupDescription>Group -
Physical Access to SAN Network Devices
<GroupDescription></GroupDescription>Group -
All the network level devices interconnected to the SAN are not located in a secure room with limited access.
<VulnDiscussion>If the network level devices are not located in a secure area they can be tampered with which could lead to a denial of servi...Rule Medium Severity -
SAN Fabric Switch User Accounts with Passwords
<GroupDescription></GroupDescription>Group -
Individual user accounts with passwords are not set up and maintained for the SAN fabric switch.
<VulnDiscussion>Without identification and authentication unauthorized users could reconfigure the SAN or disrupt its operation by logging in...Rule Medium Severity -
Fabric Switches do not have bidirectional authentication
<GroupDescription></GroupDescription>Group -
The SAN must be configured to use bidirectional authentication.
<VulnDiscussion>Switch-to-switch management traffic does not have to be encrypted. Bidirectional authentication ensures that a rogue switch c...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.