Check: NET1639
Network - Firewall:
NET1639
(in versions v8 r25 through v8 r21)
Title
The network devices must timeout management connections for administrative access after 10 minutes or less of inactivity. (Cat II impact)
Discussion
Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled between the managed network device and a PC or terminal server when the later has been left unattended. In addition quickly terminating an idle session will also free up resources committed by the managed network device as well as reduce the risk of a management session from being hijacked. Setting the timeout of the session to 10 minutes or less increases the level of protection afforded critical network components.
Check Content
Review the management connection for administrative access and verify the network device is configured to time-out the connection at 10 minutes or less of inactivity. If the device does not terminate inactive management connections at 10 minutes or less, this is a finding.
Fix Text
Configure the network devices to ensure the timeout for unattended administrative access connections is no longer than 10 minutes.
Additional Identifiers
Rule ID:
Vulnerability ID: V-3014
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |