The HP FlexFabric Switch must automatically audit account disabling actions.

From HP FlexFabric Switch NDM Security Technical Implementation Guide

Part of SRG-APP-000028-NDM-000210

Associated with: CCI-001404

SV-80637r1_rule The HP FlexFabric Switch must automatically audit account disabling actions.

Vulnerability discussion

Account management, as a whole, ensures access to the HP FlexFabric Switch is being controlled in a secure manner by granting access to only authorized personnel. Auditing account disabling actions will support account management procedures. When device management accounts are disabled, user or service accessibility may be affected. Auditing also ensures authorized active accounts remain enabled and available for use when required.

Check content

Determine if the info-center feature is enabled on the HP FlexFabric Switch: [HP] display info-center Information Center: Enabled If logging is not enabled, this is a finding.

Fix text

Enable info-center feature on the HP FlexFabric Switch: [HP] info-center enable Note: By default, the information center is enabled. Account disabling actions on the SUT generates an automatic log entry in the system's log.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer