Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • The IP addresses of the hosts permitted SNMP access to the SAN management devices do not belong to the internal network.

    <VulnDiscussion>SNMP, by virtue of what it is designed to do, can be a large security risk. Because SNMP can obtain device information and se...
    Rule Medium Severity
  • Fibre Channel network End-User Platform Restricted

    <GroupDescription></GroupDescription>
    Group
  • End-user platforms are directly attached to the Fibre Channel network or access storage devices directly.

    &lt;VulnDiscussion&gt;End-user platforms should only be connected to servers that run applications that access the data found on the SAN devices. ...
    Rule Low Severity
  • Backup of critical SAN Software and configurations

    <GroupDescription></GroupDescription>
    Group
  • Fabric switch configurations and management station configuration are not archived and/or copies of the operating system and other critical software for all SAN components are not stored in a fire rated container or are not collocated with the operational software.

    &lt;VulnDiscussion&gt;.Backup and recovery procedures are critical to the security and availability of the SAN system. If a system is compromised,...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules