Simple Network Management Protocol (SNMP) is used and it is not configured in accordance with the guidance contained in the Network Infrastructure STIG.
An XCCDF Rule
Description
There are vulnerabilities in some implementations and some configurations of SNMP. Therefore if SNMP is used the guidelines found in the Network Infrastructure STIG in selecting a version of SNMP to use and how to configure it will be followed. If Simple Network Management Protocol (SNMP) is used, the IAO/NSO will ensure it is configured in accordance with the guidance contained in the Network Infrastructure STIG.
| Property | Value |
|---|---|
| Responsibility | Information Assurance Officer |
| Potential Impact | Network monitoring tools that are not modified to match the configuration used for SNMP in the SAN will fail. |
- ID
- SV-6798r1_rule
- Version
- SAN04.021.00
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
Develop a plan to implement SNMP that is compliant with the Network Infrastructure STIG. Obtain CM approval and execute the plan.
NOTE: The intent of this check is to ensure that the other applicable checklists were applied. If they are applied then, regardless of what the findings are, this is not a finding. The objective of this policy is met if the other checklists were applied and documented.