STIGQter: STIG Summary: Layer 2 Switch Security Technical Implementation Guide - Cisco, Version: 8, Release: 27, Benchmark Date: 25 Jan 2019: VLAN 1 must not be used for user VLANs.

DISA Rule

SV-3971r2_rule

Vulnerability Number

V-3971

Group Title

VLAN 1 is being used as a user VLAN.

Rule Version

NET-VLAN-004

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Best practice for VLAN-based networks is to prune unnecessary ports from VLAN 1 as well as from the management VLAN, and to separate in-band management, device protocol, and data traffic.

Check Contents

Review the device configuration and verify that access ports have not been assigned membership in VLAN 1.

If any access ports are found in VLAN 1, this is a finding.
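
One way to automate this check against a saved Cisco IOS configuration. This is an added example, not part of the STIG or of STIGQter. The function name and the sample configuration are constructed for illustration, and it assumes that a switch port with no "switchport access vlan" statement is in VLAN 1 (the IOS default) and that ports without an explicit trunk or routed setting are treated as access ports.

```python
import re

# Constructed sample configuration (not from the original page).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 1
!
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 20
!
interface GigabitEthernet0/3
 switchport mode access
!
interface GigabitEthernet0/4
 switchport mode trunk
!
interface GigabitEthernet0/5
 no switchport
!
interface Vlan1
 shutdown
!
"""

def vlan1_access_ports(config):
    """Return [(interface, reason)] for access ports that are members of VLAN 1."""
    findings = []
    # Each stanza is an "interface X" header followed by its indented lines.
    for m in re.finditer(r"^interface (\S+)[ \t]*\n((?:[ \t]+.*\n?)*)", config, re.M):
        name, lines = m.group(1), [l.strip() for l in m.group(2).splitlines()]
        if name.lower().startswith(("vlan", "loopback")):
            continue  # SVIs and loopbacks are not switch ports
        if "no switchport" in lines or "switchport mode trunk" in lines:
            continue  # routed or trunk port, not an access port
        vlan = next((int(v.group(1)) for l in lines
                     if (v := re.fullmatch(r"switchport access vlan (\d+)", l))), None)
        if vlan is None:
            # Assumption: IOS omits the default, so no statement means VLAN 1.
            findings.append((name, "no access VLAN configured, defaults to VLAN 1"))
        elif vlan == 1:
            findings.append((name, "explicitly assigned to VLAN 1"))
    return findings

if __name__ == "__main__":
    for name, reason in vlan1_access_ports(SAMPLE_CONFIG):
        print(f"FINDING {name}: {reason}")
```

Any interface the function returns is a finding under this rule; an empty list means no access port was found in VLAN 1.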

Documentable

False

Severity Override Guidance

Review the device configuration and verify that access ports have not been assigned membership in VLAN 1.

If any access ports are found in VLAN 1, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

512

Comments