Skip to content
Log In

NetApp ONTAP DSC 9.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000164-NDM-000252

    Group
    Show

  • SRG-APP-000153-NDM-000249

    Group
    Show

  • ONTAP must be configured to authenticate each administrator prior to authorizing privileges based on assignment of group or role.

    To assure individual accountability and prevent unauthorized access, administrators must be individually identified and authenticated. Individual accountability mandates that each administrator is...
    Rule Medium Severity
    Show

  • SRG-APP-000156-NDM-000250

    Group
    Show

  • ONTAP must implement replay-resistant authentication mechanisms for network access to privileges accounts.

    A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be ...
    Rule Medium Severity
    Show

  • SRG-APP-000395-NDM-000310

    Group
    Show

  • ONTAP must be configured to authenticate SNMP messages using FIPS-validated Keyed-HMAC.

    Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Bidirectional authentication provides stronger safeguards to validate the...
    Rule Medium Severity
    Show

  • SRG-APP-000395-NDM-000347

    Group
    Show

  • SRG-APP-000412-NDM-000331

    Group
    Show

  • ONTAP must be configured to implement cryptographic mechanisms using FIPS 140-2.

    Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be ...
    Rule High Severity
    Show

  • SRG-APP-000166-NDM-000254

    Group
    Show

  • SRG-APP-000167-NDM-000255

    Group
    Show

  • ONTAP must enforce password complexity by requiring that at least one lowercase character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000168-NDM-000256

    Group
    Show

  • SRG-APP-000169-NDM-000257

    Group
    Show

  • ONTAP must enforce password complexity by requiring that at least one special character be used.

    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resistin...
    Rule Medium Severity
    Show

  • SRG-APP-000516-NDM-000350

    Group
    Show

  • ONTAP must be configured to send audit log data to a central log server.

    The aggregation of log data kept on a syslog server can be used to detect attacks and trigger an alert to the appropriate security personnel. The stored log data can used to detect weaknesses in se...
    Rule High Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules