The organization must ensure all switches and associated cross-connect hardware are kept in a secure Intermediate Distribution Frame (IDF) or an enclosed cabinet that is kept locked.

From Network Infrastructure Policy Security Technical Implementation Guide

Part of NET-VLAN-001 Switches cross-connects are not in secure IDF or locked cabinet

Associated with: CCI-000366

SV-8567r3_rule The organization must ensure all switches and associated cross-connect hardware are kept in a secure Intermediate Distribution Frame (IDF) or an enclosed cabinet that is kept locked.

Vulnerability discussion

Since the IDF includes all hardware required to connect horizontal wiring to the backbone, it is imperative that all switches and associated cross-connect hardware are kept in a secured IDF or an enclosed cabinet that is kept locked. This will also prevent an attacker from gaining privilege mode access to the switch. Several switch products only require a reboot of the switch in order to reset or recover the password.

Check content

Inspect switches and associated cross-connect hardware are kept in a secured IDF. If the hardware is located in an open area, verify all hardware is located in a secured and locked cabinet. If switches and associated cross-connect hardware are not kept in secured IDFs or locked cabinet, this is a finding.

Fix text

Place switches and associated cross-connect hardware in a secured IDF. If the hardware is located in an open area, ensure the hardware is located in a secured and locked cabinet.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.