Check: DSN18.09
Defense Switched Network (DSN) STIG: DSN18.09 (in versions v2 r8 through v2 r7)
Title
FIPS 140-2 validated link encryption must be used end-to-end for all data streams connecting to remote access ports of the telephone switch. (Cat III impact)
Discussion
A FIPS 140-2 validated encryption mechanism is used to secure all data streams between the management port of the DSN component and a remote management station, whether connected via a modem or a network. The most secure authenticated session to any remote system is accomplished via a secure connection. Encryption provides confidentiality and should be used, if possible, to secure remote access connections to DSN administration/maintenance ports.
Check Content
Review site documentation to confirm FIPS 140-2 validated link encryption is used end-to-end for all data streams connecting to remote access ports of the telephone switch. If FIPS 140-2 validated link encryption is not used for data streams connecting to remote access ports of the telephone switch, this is a finding.
Fix Text
Implement end-to-end FIPS 140-2 validated link encryption for all data streams connecting to remote access ports of the telephone switch.
Additional Identifiers
Rule ID: SV-8480r2_rule
Vulnerability ID: V-7994
Group Title: FIPS Link encryption
CCIs
No CCIs are assigned to this check.
Controls
No controls are assigned to this check.