Check: SAN03.003.00
Storage Area Network STIG:
SAN03.003.00
(in versions v2 r4 through v2 r2)
Title
The default zone visibility setting is not set to “none”. (Cat II impact)
Discussion
If the default zone visibility setting is set to "none", new clients brought into the SAN will not be allowed access to any SAN zone they are not explicitly placed into. The IAO/NSO will ensure that the default zone visibility setting, if available, is set to “none”.
Check Content
Reviewer with the assistance of the IAO/NSO, verify that the default zone visibility setting is set to “none”.. If this setting is not available mark this check as N/A.
Fix Text
Locate all clients that have not been explicitly placed into a zone. Create a plan to explicitly place these clients into the correct zone(s) and after doing so the plan will include the modification of the default zone visibility setting to “none”. Obtain CM approval of the plan and then, following the plan, reconfigure the SAN to allow for the default zone visibility setting to be set to “none”.
Additional Identifiers
Rule ID: SV-6724r1_rule
Vulnerability ID: V-6605
Group Title: The default zone visibility is not set to "none"
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |