Check: NET1040
Network Infrastructure Policy STIG: NET1040 (in versions v10 r6 through v9 r2)
Title
Current and previous network element configurations must be stored in a secured location. (Cat III impact)
Discussion
If the network element's non-volatile memory is lost without a recent configuration stored in an offline location, it may take time to recover that segment of the network. Users connected directly to the switch or router will be without service for a longer than acceptable time.
Check Content
At a minimum, a copy of the current and previous network element configurations must be saved. Storage can take place on a classified network, OOB network, or offline. If the current and previous network element configurations are not stored in a secured location, this is a finding.
Fix Text
The network administrator will store the current and previous router and switch configurations in a secure location. Storage can take place on a classified network, OOB network, or offline. Configurations can only be accessed by server or network admin.
Additional Identifiers
Rule ID: SV-251375r853654_rule
Vulnerability ID: V-251375
Group Title: NET1040
CCIs
Number | Definition |
---|---|
CCI-001785 | The organization provides a centralized repository for the inventory of information system components. |
CCI-001815 | The organization defines the security safeguards to be applied to devices when they return from areas of significant risk. |