Storage Area Network STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The SAN is not configured to use FIPS 140-1/2 validated encryption algorithm to protect management-to-fabric communications.
<VulnDiscussion>The communication between the SAN management consol and the SAN fabric carries sensitive privileged configuration data. This...Rule Low Severity -
Password SAN Management Console and Ports
<GroupDescription></GroupDescription>Group -
All SAN management consoles and ports are not password protected.
<VulnDiscussion>Without password protection malicious users can create a denial of service by disrupting the SAN or allow the compromise of s...Rule High Severity -
Default SAN Management Software Password
<GroupDescription></GroupDescription>Group -
The SAN fabric zoning lists are not based on a policy of Deny-by-Default with blocks on all services and protocols not required on the given port or by the site.
<VulnDiscussion>By using the Deny-by-Default based policy, any service or protocol not required by a port and overlooked in the zoning list w...Rule High Severity -
Logging Failed Access to Port, Protocols, Services
<GroupDescription></GroupDescription>Group -
Attempts to access ports, protocols, or services that are denied are not logged..
<VulnDiscussion>Logging or auditing of failed access attempts is a necessary component for the forensic investigation of security incidents. ...Rule Low Severity -
SNMP usage and configuration.
<GroupDescription></GroupDescription>Group -
Simple Network Management Protocol (SNMP) is used and it is not configured in accordance with the guidance contained in the Network Infrastructure STIG.
<VulnDiscussion>There are vulnerabilities in some implementations and some configurations of SNMP. Therefore if SNMP is used the guidelines ...Rule Medium Severity -
Authorized IP Addresses allowed for SNMP
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.