Network management ports on the SAN fabric switches except those needed to support the operational commitments of the sites are not disabled.

From Storage Area Network STIG

Part of SAN Network Management Ports Fabric Switch

Associated with IA controls: DCBP-1

SV-6769r2_rule Network management ports on the SAN fabric switches except those needed to support the operational commitments of the sites are not disabled.

Vulnerability discussion

Enabled network management ports that are not required expose the SAN fabric switch and the entire network to unnecessary vulnerabilities. By disabling these unneeded ports the exposure profile of the device and network is diminished.The IAO/NSO will disable all network management ports on the SAN fabric switches except those needed to support the operational commitments of the sites.

Check content

The reviewer will, with the assistance of the IAO/NSO, verify that all network management ports on the SAN fabric switches are disabled except those needed to support the operational commitments of the sites.

Fix text

Develop a plan to locate and disable all network management ports that are not required to support the operational commitments of the sites. Obtain CM approval of the plan and then execute the plan.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer