For the local account of last resort, the Cisco ISE must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.
An XCCDF Rule
Description
<VulnDiscussion>Display of the DoD-approved use notification before granting access to the network device ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users, such as when directly logging in to the device.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-242618r879547_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the administrative sessions login banner to display when users access the web or CLI interface that appears before and after an administrator logs in. By default, these login banners are disabled.
1. From the web management tool, click on Administration >> System >> Admin Access >> Settings >> Access >> Session.
2. To display the banner message before an administrator logs in, check the Pre-login banner check box and enter the message in the text box.
3. To display the banner message after an administrator logs in, check the Post-login banner check box and enter your message in the text box.
4. Click "Save".