Cisco ISE NDM Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000169-NDM-000257
Group -
SRG-APP-000172-NDM-000259
Group -
SRG-APP-000395-NDM-000347
Group -
SRG-APP-000164-NDM-000252
Group -
SRG-APP-000166-NDM-000254
Group -
SRG-APP-000317-NDM-000282
Group -
SRG-APP-000001-NDM-000200
Group -
The Cisco ISE must limit the number of CLI and GUI sessions to an organization-defined number.
Device management includes the ability to control the number of management sessions that manage a device. Limiting the number of allowed sessions is helpful in limiting risks related to DoS attacks...Rule Low Severity -
The Cisco ISE must change the password for the local CLI and web-based account when members who have access to the password leave the role and are no longer authorized access.
If shared/group account credentials are not terminated when individuals leave the group, the user that left the group can still gain access even though they are no longer authorized. There may also...Rule Medium Severity -
For the local web-based account of last resort, the Cisco ISE must automatically audit account creation.
Upon gaining access to a network device, an attacker will often first attempt to create a persistent method of reestablishing access. One way to accomplish this is to create a new account. Notifica...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.