Skip to content
Log In

Network WLAN AP-IG Management Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The network device must be running an operating system release that is currently supported by the vendor.

    Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities.
    Rule High Severity
    Show

  • SRG-APP-000516-NDM-000336

    Group
    Show

  • The network device must be configured to use an authentication server to authenticate users prior to granting administrative access.

    Centralized management of authentication settings increases the security of remote and nonlocal access methods. This is particularly important protection against the insider threat. With robust cen...
    Rule High Severity
    Show

  • SRG-APP-000395-NDM-000310

    Group
    Show

  • The network device must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).

    Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Bidirectional authentication provides stronger safeguards to validate the...
    Rule Medium Severity
    Show

  • SRG-APP-000148-NDM-000346

    Group
    Show

  • The network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.

    Authentication for administrative (privileged level) access to the device is required at all times. An account can be created on the device's local database for use when the authentication server i...
    Rule Medium Severity
    Show

  • SRG-APP-000065-NDM-000214

    Group
    Show

  • The network device must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any login attempt for 15 minutes.

    By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced.
    Rule Medium Severity
    Show

  • SRG-APP-000142-NDM-000245

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules