I - Mission Critical Classified
Rules and Groups employed by this XCCDF Profile
-
NET1026
<GroupDescription></GroupDescription>Group -
Syslog messages must be retained for a minimum of 30 days online and then stored offline for one year.
<VulnDiscussion>Logging is a critical part of router security. Maintaining an audit trail of system activity logs (syslog) can help identify...Rule Low Severity -
NET1040
<GroupDescription></GroupDescription>Group -
Current and previous network element configurations must be stored in a secured location.
<VulnDiscussion>If the network element's non-volatile memory is lost without a recent configuration stored in an offline location, it may tak...Rule Low Severity -
NET1050
<GroupDescription></GroupDescription>Group -
The organization must encrypt all network device configurations while stored offline.
<VulnDiscussion>If a network device's non-volatile memory is lost without a recent configuration stored in an offline location, it may take t...Rule Medium Severity -
NET1622
<GroupDescription></GroupDescription>Group -
An Out-of-Band (OOB) management network must be deployed or 24x7 personnel must have console access for device management.
<VulnDiscussion>From an architectural point of view, providing Out-Of-Band (OOB) management of network systems is the best first step in any ...Rule Medium Severity -
NET1815
<GroupDescription></GroupDescription>Group -
All Releasable Local Area Network (REL LAN) environments must be documented in the System Security Authorization Agreement (SSAA).
<VulnDiscussion>The ISSM will ensure Releasable Local Area Network (REL LAN) environments are documented in the SSAA.</VulnDiscussion>&...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.