A secure out-of-band (OOB) network must be used for management of Infoblox Grid Members.
An XCCDF Rule
Description
<VulnDiscussion>The Infoblox Grid Master is the central point of management within an Infoblox Grid. The Grid Master retains a full copy of the configuration used for the entire Grid. The Grid Master must communicate to Grid Members using their Management port connected to an OOB network that clients cannot access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-233882r621666_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
1. Navigate to Grid >> Grid Manager >> Members tab.
2. Edit each member and configure the MGMT port on the "Network" tab and enable VPN over MGMT on the "Advanced" portion of the "Network" tab.
3. Grid Masters and Grid Master candidates use the LAN1 port for communication and should not allow any direct client access.