Network Device Management Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The network device must be configured to update the list of passwords when organizational passwords are suspected to have been compromised directly or indirectly for password-based authentication.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
The network device must be configured to employ automated tools to assist the user in selecting strong password authenticators for password-based authentication.
Password-based authentication applies to passwords regardless of whether they are used in single-factor or multifactor authentication. Long passwords or passphrases are preferable over shorter pass...Rule Medium Severity -
SRG-APP-000142
Group -
SRG-APP-000170
Group -
SRG-APP-000190
Group -
SRG-APP-000002
Group -
SRG-APP-000003
Group -
The network device must initiate a session lock after a 15-minute period of inactivity.
A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Rather than relying on the user t...Rule Medium Severity -
SRG-APP-000004
Group -
SRG-APP-000005
Group -
The network device must retain the session lock until the administrator reestablishes access using established identification and authentication procedures.
A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Once invoked, the session lock sh...Rule Medium Severity -
SRG-APP-000026
Group -
SRG-APP-000027
Group -
The network device must automatically audit account modification.
Since the accounts in the network device are privileged or system-level accounts, account management is vital to the security of the network device. Account management by a designated authority ens...Rule Medium Severity -
SRG-APP-000028
Group -
The network device must automatically audit account disabling actions.
Account management, as a whole, ensures access to the network device is being controlled in a secure manner by granting access to only authorized personnel. Auditing account disabling actions will ...Rule Medium Severity -
SRG-APP-000029
Group -
SRG-APP-000033
Group -
The network device must be configured to assign appropriate user roles or access levels to authenticated users.
Successful identification and authentication must not automatically give an entity full access to a network device or security domain. The lack of authorization-based access control could result in...Rule High Severity -
SRG-APP-000038
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.