Check: AMLS-NM-000500
Arista MLS DCS-7000 Series NDM STIG:
AMLS-NM-000500
(in versions v1 r3 through v1 r2)
Title
The Arista Multilayer Switch must be updated to one of the minimum approved versions of EOS. (Cat III impact)
Discussion
The Arista Multilayer Switch uses the EOS operating system. Updates to EOS contain new security-related features and security patches that address known vulnerabilities. Running a current DoD-approved software version improves the security posture of the network device.
Check Content
Verify the Arista Multilayer Switch configuration using the “Show version” command. Review the software image version, and verify it is a minimum DoD-approved version. The current approved minimum versions are 4.16.0F, 4.15.3F, 4.14.11M, or later. If the Arista Multilayer Switch is not using a minimum approved versions of EOS, this is a finding.
Fix Text
Configure the Arista Multilayer Switch to use an approved software version. Download the approved version from www.arista.com/support, copy the .swi file to flash via an approved file transfer mechanism, and then enter: Enable Configure Boot system flash:<your_image.swi> Write memory reload
Additional Identifiers
Rule ID: SV-81685r1_rule
Vulnerability ID: V-67195
Group Title: SRG-APP-000516-NDM-000317
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |