The Juniper EX switch must not use the default VLAN for management traffic.
An XCCDF Rule
Description
By default, all unassigned interfaces are placed into the default VLAN and if used for management, could unintentionally expose sensitive traffic or protected resources to unauthorized devices.
- ID
- SV-253969r997519_rule
- Version
- JUEX-L2-000220
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the switch for management access to use a VLAN other than the default VLAN.
set interfaces <interface name> unit 0 family ethernet-switching interface-mode access
set interfaces <interface name> unit 0 family ethernet-switching vlan members <vlan name>