II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000516-NDM-000335
<GroupDescription></GroupDescription>Group -
The HP FlexFabric Switch must enforce access restrictions associated with changes to the system components.
<VulnDiscussion>Changes to the hardware or software components of the HP FlexFabric Switch can have significant effects on the overall securi...Rule Medium Severity -
SRG-APP-000516-NDM-000340
<GroupDescription></GroupDescription>Group -
The HP FlexFabric Switch must support organizational requirements to conduct backups of system level information contained in the information system when changes occur or weekly, whichever is sooner.
<VulnDiscussion>System-level information includes default and customized settings and security attributes, including ACLs that relate to the ...Rule Low Severity -
SRG-APP-000516-NDM-000342
<GroupDescription></GroupDescription>Group -
The HP FlexFabric Switch must employ automated mechanisms to assist in the tracking of security incidents.
<VulnDiscussion>Despite the investment in perimeter defense technologies, enclaves are still faced with detecting, analyzing, and remediating...Rule Medium Severity -
SRG-APP-000516-NDM-000344
<GroupDescription></GroupDescription>Group -
The HP FlexFabric Switch must obtain its public key certificates from an appropriate certificate policy through an approved service provider.
<VulnDiscussion>For user certificates, each organization obtains certificates from an approved, shared service provider, as required by OMB p...Rule Medium Severity -
SRG-APP-000516-NDM-000341
<GroupDescription></GroupDescription>Group -
The HP FlexFabric Switch must have a local account that will only be used as an account of last resort with full access to the network device.
<VulnDiscussion>In the event the network device loses connectivity to the management network authentication service, only a local account can...Rule High Severity -
SRG-APP-000516-NDM-000341
<GroupDescription></GroupDescription>Group -
The HP FlexFabric switch must be configured to utilize an authentication server for the purpose of authenticating privilege users, managing accounts, and to centrally verify authentication settings and Personal Identity Verification (PIV) credentials.
<VulnDiscussion>To assure accountability and prevent unauthenticated access, organizational administrators must be uniquely identified and au...Rule Medium Severity -
SRG-APP-000516-NDM-000341
<GroupDescription></GroupDescription>Group -
The HP FlexFabric switch must be configured to send log data to a syslog server for the purpose of forwarding alerts to the administrators and the ISSO.
<VulnDiscussion>Once an attacker establishes initial access to a system, the attacker often attempts to create a persistent method of reestab...Rule Medium Severity -
SRG-APP-000516-NDM-000341
<GroupDescription></GroupDescription>Group -
The HP FlexFabric switch must be configured to send SNMP traps and notifications to the SNMP manager for the purpose of sending alarms and notifying appropriate personnel as required by specific events.
<VulnDiscussion>If appropriate actions are not taken when a network device failure occurs, a denial of service condition may occur which coul...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.