The SEL-2740S must be configured to capture all packets without flow rule match criteria.
An XCCDF Rule
Description
The OTSDN switch must be capable of capturing frames that are not engineered to be in the network and sending them to a Security Information and Event Manager (SIEM) or midpoint sensor for analysis.
- ID: SV-102367r1_rule
- Version: SELS-SW-000290
- Severity: Medium
- References
- Updated
Remediation Templates
A Manual Procedure
To configure the switch to capture all packets without flow rule match criteria, do the following:
1. Log on to the OTSDN Controller using Permission Level 3.
2. Click "Flow Entries" in the Navigation Menu.
3. Click the "Add Flow" button.
4. Enter a "no match" flow rule for the given ports.
5. Click "Submit".