Title

Simple Network Management Protocol (SNMP) is used and it is not configured in accordance with the guidance contained in the Network Infrastructure STIG. (Cat II impact)

Discussion

There are vulnerabilities in some implementations and some configurations of SNMP. Therefore if SNMP is used the guidelines found in the Network Infrastructure STIG in selecting a version of SNMP to use and how to configure it will be followed. If Simple Network Management Protocol (SNMP) is used, the IAO/NSO will ensure it is configured in accordance with the guidance contained in the Network Infrastructure STIG.

Check Content

With the assistance of the IAO/NSO, verify that if Simple Network Management Protocol (SNMP) is used, it is configured in accordance with the guidance contained in the Network Infrastructure STIG. NOTE: The intent of this check is to ensure that the other checklists were applied. If they are applied then, regardless of what the findings are, this is not a finding. The objective of this policy is met if the other checklist was applied and documented.

Fix Text

Develop a plan to implement SNMP that is compliant with the Network Infrastructure STIG. Obtain CM approval and execute the plan. NOTE: The intent of this check is to ensure that the other applicable checklists were applied. If they are applied then, regardless of what the findings are, this is not a finding. The objective of this policy is met if the other checklists were applied and documented.

Additional Identifiers

Rule ID: SV-6798r1_rule

Vulnerability ID: V-6652

Group Title: SNMP usage and configuration.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.