STIGQter STIGQter: STIG Summary: SEL-2740S NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 02 May 2019:

The SEL-2740S must be configured to establish trust relationships with parent OTSDN Controller(s).

DISA Rule

SV-102397r1_rule

Vulnerability Number

V-92309

Group Title

SRG-APP-000516-NDM-000317

Rule Version

SELS-ND-001420

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To configure the SEL-2740S for initial trust and X.509 certificate creation for TLS communications, the device needs to be adopted by OTSDN controller.
Before adopting, create an SEL-2740S configuration node object.

To adopt an SEL-2740S do the following:
1. Go to the "Topology" page.
2. Select on the SEL-2740S you want to adopt. The "Option" window shows the SEL-2740S "Node Options" pane.
3. Select the SEL-2740S configuration node from the "Configuration" setting. The "Adopt Configuration" button is enabled.
4. Click the "Adopt Configuration" button. The "Feedback" bar displays "Success" to indicate successful application of the configuration node. The adoption process starts.
5. Wait until the alarm contact pulses (about 30 to 60 seconds). After clicking the "Adopt" button, the process may take a minute or longer to complete depending on the speed of the SEL-5056 host machine. When complete, the selected object becomes adopted, the appropriate ports appear, and the Adoption State is "Adopted".

Check Contents

Ensure the SEL-2740S is adopted by only the appropriate OTSDN Controller(s) by checking the "Topology" page on the OTSDN Controller for the SEL-2740S under test to ensure it is adopted by the appropriate OTSDN Controller(s).

If the SEL-2740S is adopted by a rogue OTSDN Controller or does not appear as an adopted device in the network, this is a finding.

Vulnerability Number

V-92309

Documentable

False

Rule Version

SELS-ND-001420

Severity Override Guidance

Ensure the SEL-2740S is adopted by only the appropriate OTSDN Controller(s) by checking the "Topology" page on the OTSDN Controller for the SEL-2740S under test to ensure it is adopted by the appropriate OTSDN Controller(s).

If the SEL-2740S is adopted by a rogue OTSDN Controller or does not appear as an adopted device in the network, this is a finding.

Check Content Reference

M

Target Key

3383

Comments