Skip to content

No profile (default benchmark)

Rules and Groups employed by this XCCDF Profile

  • SNMP usage and configuration.

    <GroupDescription></GroupDescription>
    Group
  • Simple Network Management Protocol (SNMP) is used and it is not configured in accordance with the guidance contained in the Network Infrastructure STIG.

    &lt;VulnDiscussion&gt;There are vulnerabilities in some implementations and some configurations of SNMP. Therefore if SNMP is used the guidelines ...
    Rule Medium Severity
  • Authorized IP Addresses allowed for SNMP

    <GroupDescription></GroupDescription>
    Group
  • Unauthorized IP addresses are allowed Simple Network Management Protocol (SNMP) access to the SAN devices.

    &lt;VulnDiscussion&gt;SNMP, by virtue of what it is designed to do, can be a large security risk. Because SNMP can obtain device information and se...
    Rule High Severity
  • Only Internal Network SNMP Access to SAN

    <GroupDescription></GroupDescription>
    Group
  • The IP addresses of the hosts permitted SNMP access to the SAN management devices do not belong to the internal network.

    &lt;VulnDiscussion&gt;SNMP, by virtue of what it is designed to do, can be a large security risk. Because SNMP can obtain device information and se...
    Rule Medium Severity
  • Fibre Channel network End-User Platform Restricted

    <GroupDescription></GroupDescription>
    Group
  • End-user platforms are directly attached to the Fibre Channel network or access storage devices directly.

    &lt;VulnDiscussion&gt;End-user platforms should only be connected to servers that run applications that access the data found on the SAN devices. ...
    Rule Low Severity
  • Backup of critical SAN Software and configurations

    <GroupDescription></GroupDescription>
    Group
  • Fabric switch configurations and management station configuration are not archived and/or copies of the operating system and other critical software for all SAN components are not stored in a fire rated container or are not collocated with the operational software.

    &lt;VulnDiscussion&gt;.Backup and recovery procedures are critical to the security and availability of the SAN system. If a system is compromised,...
    Rule Medium Severity
  • SAN Fixed IP Required.

    <GroupDescription></GroupDescription>
    Group
  • SAN components are not configured with fixed IP addresses.

    &lt;VulnDiscussion&gt;Without fixed IP address filtering or restricting of access based on IP addressing will not function correctly allowing unaut...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules