End-user platforms are directly attached to the Fibre Channel network or access storage devices directly.
An XCCDF Rule
Description
End-user platforms should only be connected to servers that run applications that access the data found on the SAN devices. SANs do not supply a robust user identification and authentication platform. They depend on the servers and applications to authenticate the users and restrict access to users as required. The IAO/NSO will ensure that end-user platforms are not directly attached to the Fibre Channel network and may not access storage devices directly.
| Property | Value |
|---|---|
| Responsibility | Information Assurance Officer |
| IA Controls | DCBP-1 |
| Potential Impact | End-user platforms attached to the SAN may be dependent upon the SAN for storage. An alternate type of storage will need to be found for these platforms. |
- ID
- SV-6807r1_rule
- Version
- SAN04.024.00
- Severity
- Low
- Updated
Remediation Templates
A Manual Procedure
Develop a plan to remove end-user platforms from the SAN. Obtain CM approval for the plan and implement the plan.