The default zone visibility setting is not set to “none”.
An XCCDF Rule
Description
If the default zone visibility setting is set to "none", new clients brought into the SAN will not be allowed access to any SAN zone they are not explicitly placed into. The IAO/NSO will ensure that the default zone visibility setting, if available, is set to “none”.
| Property | Value |
|---|---|
| Responsibility | Information Assurance Officer |
| Potential Impact | If there are client systems that have not explicitly been placed in a zone they may be denied access to data they need. |
- ID
- SV-6724r1_rule
- Version
- SAN03.003.00
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
Locate all clients that have not been explicitly placed into a zone. Create a plan to explicitly place these clients into the correct zone(s) and after doing so the plan will include the modification of the default zone visibility setting to “none”. Obtain CM approval of the plan and then, following the plan, reconfigure the SAN to allow for the default zone visibility setting to be set to “none”.