STIGQter: STIG Summary: SEL-2740S L2S Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 02 May 2019

The SEL-2740S must be configured to capture all packets without flow rule match criteria.

DISA Rule

SV-102367r1_rule

Vulnerability Number

V-92279

Group Title

SRG-NET-000512-L2S-000029

Rule Version

SELS-SW-000290

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To configure the SEL-2740S to capture all packets without flow rule match criteria, do the following:
1. Log on to the OTSDN Controller using Permission Level 3.
2. Click "Flow Entries" in the Navigation Menu.
3. Click the "Add Flow" button.
4. Enter a "no match" flow rule for the given ports.
5. Click "Submit".

Check Contents

Review the SEL-2740S to ensure that the "no match criteria" rule is set to capture the packet for analysis as a possible injection or intrusion.

If the SEL-2740S is not configured with the "no match criteria" rules for the Security Information and Event Manager (SIEM), this is a finding.

Documentable

False

Severity Override Guidance

Review the SEL-2740S to ensure that the "no match criteria" rule is set to capture the packet for analysis as a possible injection or intrusion.

If the SEL-2740S is not configured with the "no match criteria" rules for the Security Information and Event Manager (SIEM), this is a finding.

Check Content Reference

M

Target Key

3385

Comments