Storage Area Network STIG

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SAN components are not configured with fixed IP addresses.

    Without fixed IP addresses, filtering or restricting of access based on IP addressing will not function correctly, allowing unauthorized access to SAN components or creating a denial of service by bloc...
    Rule Medium Severity
  • The manufacturer’s default PKI keys have not been changed prior to attaching the switch to the SAN Fabric.

    If the manufacturer's default PKI keys are allowed to remain active on the device, it can be accessed by a malicious individual with access to the default key. The IAO/NSO will ensure that the manu...
    Rule Low Severity
  • The manufacturer’s default passwords have not been changed for all SAN management software.

    The changing of passwords from the default value blocks malicious users with knowledge of the default passwords for the manufacturer's SAN Management software from creating a denial of service by d...
    Rule High Severity
  • A current drawing of the site’s SAN topology that includes all external and internal links, zones, and all interconnected equipment is not being maintained.

    A drawing of the SAN topology gives the IAO and other interested individuals a pictorial representation of the SAN. This can be helpful in diagnosing potential security problems. The IAO/NSO will ...
    Rule Medium Severity
