III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
Anti-virus on servers and host.
<GroupDescription></GroupDescription>Group -
Vendor supported, DOD approved, anti-virus software is not installed and configured on all SAN servers in accordance with the applicable operating system STIG on SAN servers and management devices and kept up-to-date with the most recent virus definition tables.
<VulnDiscussion>The SAN servers and other hosts are subject to virus and worm attacks as are any systems running an OS. If the anti-virus so...Rule High Severity -
SAN Topology Drawing
<GroupDescription></GroupDescription>Group -
A current drawing of the site’s SAN topology that includes all external and internal links, zones, and all interconnected equipment is not being maintained.
<VulnDiscussion>A drawing of the SAN topology gives the IAO and other interested individuals a pictorial representation of the SAN. This can...Rule Medium Severity -
Physical Access to SAN Network Devices
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.