Check: NET1050
Network Infrastructure Policy STIG:
NET1050
(in versions v10 r6 through v9 r2)
Title
The organization must encrypt all network device configurations while stored offline. (Cat II impact)
Discussion
If a network device's non-volatile memory is lost without a recent configuration stored in an offline location, it may take time to recover that segment of the network. Users connected directly to the switch or router will be without service for a longer than acceptable time. Encrypting the configuration stored offline protects the data at rest and provides additional security to prevent tampering and potentially cause a network outage if the configuration were to be put into service.
Check Content
Inspect the network element configurations that have been stored offline. If the configurations are not encrypted, this is a finding.
Fix Text
Encrypt all network device configurations stored offline.
Additional Identifiers
Rule ID: SV-251376r853655_rule
Vulnerability ID: V-251376
Group Title: NET1050
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002345 |
The organization defines the data storage objects that are to be protected against data mining attempts. |
CCI-002375 |
The organization takes organization-defined corrective actions when information about the information system is discoverable by adversaries. |