The network device must not be configured to have any feature enabled that calls home to the vendor.
An XCCDF Rule
Description
<VulnDiscussion>Call-home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. (See SRG-NET-000131-RTR-000083.)</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-243226r720133_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the network device to disable the call home service or feature.
Note: This feature can be enabled if the communication is only to a server residing in the local area network or enclave.