From Network Device Management Security Requirements Guide
Part of SRG-APP-000516-NDM-000332
Associated with: CCI-000366 CCI-001391
Administrators need to be aware of activity that occurs regarding their network device management account. Providing administrators with information regarding the date and time of their last successful login allows the administrator to determine if any unauthorized activity has occurred. This incorporates all methods of login including, but not limited to, SSH, HTTP, HTTPS, and physical connectivity. The organization-defined time period is dependent on the frequency with which administrators typically log in to the network device.
Determine if the network device notifies the administrator of the number of successful login attempts occurring during an organization-defined time period. This can be accomplished by connecting to the network device and noting if the number of successful login attempts is displayed. If the administrator is not notified of the number of successful login attempts occurring during an organization-defined time period, this is a finding.
Configure the network device to notify the administrator of the number of successful login attempts occurring during an organization-defined time period.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer