HPE Nimble must be configured to disable HPE InfoSight.
An XCCDF Rule
Description
<VulnDiscussion>DoD requires that the Mission Owner uses only the cloud services offering listed in either the FedRAMP or DISA PA DoD Cloud Catalog to host Unclassified, public-releasable, DoD information. HPE InfoSight data collection is disabled by default in the HPE Nimble. Users must not enable it.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-252902r879588_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
In HPE Nimble Storage arrays, data collection is disabled by default.
Navigate to Administration >> Alerts and Monitoring page of the storage array management interface.
Uncheck the checkbox.