Title

The RUCKUS ICX management network gateway must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit. (Cat II impact)

Discussion

When the production network is managed in-band or out-of-band (OOBM), the management network could be housed at a NOC that is located remotely at single or multiple interconnected sites. NOC interconnectivity, as well as connectivity between the NOC and the managed network, must be enabled using IPsec tunnels or dedicated circuits to provide the separation and integrity of the managed traffic.

Check Content

This requirement is not applicable for the DODIN Backbone. Review the network topology diagram to determine connectivity between the managed network and the NOC. Review the management network gateway router configuration to validate the path and interface that the management traffic traverses. If management traffic is not transported between the managed network and the NOC via dedicated circuit, this is a finding.

Fix Text

This requirement is not applicable for the DODIN Backbone. Deploy a dedicated circuit to transport management traffic between the managed network and the NOC.

Additional Identifiers

Rule ID: SV-273613r1110924_rule

Vulnerability ID: V-273613

Group Title: SRG-NET-000205-RTR-000009

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.