The SAN must be configured to use bidirectional authentication.
An XCCDF Rule
Description
Switch-to-switch management traffic does not have to be encrypted. Bidirectional authentication ensures that a rogue switch cannot be inserted and auto-configured to join the fabric.
| Property | Value |
|---|---|
| Responsibility | Information Assurance Officer |
| Potential Impact | Failure to configure all components to use encryption could cause the SAN to degrade or fail. |
- ID: SV-6753r2_rule
- Version: SAN04.010.00
- Severity: Medium
- Updated
Remediation Templates
A Manual Procedure
Configure the SAN fabric switches to use bidirectional authentication between switches.