Network infrastructure devices, such as router, switches, firewalls, etc., that support the Test/Development enclave are not STIG compliant.

From Enclave - Zone B Checklist

Part of Network devices not STIG compliant.

Associated with IA controls: ECSC-1

SV-14920r1_rule Network infrastructure devices, such as router, switches, firewalls, etc., that support the Test/Development enclave are not STIG compliant.

Vulnerability discussion

As systems in a lab or test environment are rarely secure, the network devices supporting the test and development zones must be properly secured IAW STIGs to avoid any test traffic from entering DoD network space or from possibility of compromise. If a tester is working to identify malicious code on a system within a test lab, and that system inadvertently communicates with the DoD production networks or systems, it puts the DoD systems at risk.

Check content

Work with the network reviewer to determine compliance. Interview the IAO to make sure there is a connection approval process in place for network infrastructure devices to be secured in compliance with STIGs prior to connection.

Fix text

The IAO will ensure network infrastructure devices used to support test and development environments are STIG compliant.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer