Title

All the network level devices interconnected to the SAN are not located in a secure room with limited access. (Cat II impact)

Discussion

If the network level devices are not located in a secure area they can be tampered with which could lead to a denial of service if the device is powered off or sensitive data can be compromised by a tap connected to the device. The IAO/NSO will ensure that all the network level devices interconnected to the SAN are located in a secure room with limited access.

Check Content

The reviewer will interview the IAO/NSO and view the network level devices to verify whether they are located in a secure room with limited access.

Fix Text

Develop a plan to move the network level devices to a location/room where the can be physically secured in a manner appropriate to the classification level of the data the handle. Obtain CM approval of the plan and then implement the plan moving the devices.

Additional Identifiers

Rule ID: SV-6751r1_rule

Vulnerability ID: V-6631

Group Title: Physical Access to SAN Network Devices

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.