A secure Out Of Band (OOB) network must be utilized for management of Infoblox Grid Members.
An XCCDF Rule
Description
<VulnDiscussion>The Infoblox Grid Master is the central point of management within an Infoblox Grid. The Grid Master retains a full copy of the configuration used for the entire Grid. The Grid Master should communicate to Grid Members using their Management port connected to an Out Of Band (OOB) network which clients cannot access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-214226r612370_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Navigate to Grid >> Grid Manager >> Members tab.
Edit each member and configure the MGMT port on the Network tab and enable VPN over MGMT on the Advanced portion of the Network tab.
Grid Masters and Grid Master candidates utilize the LAN1 port for communication and should not allow any direct client access.