STIGQter: STIG Summary: Network Device Management Security Requirements Guide Version: 3 Release: 2 Benchmark Date: 24 Jan 2020: The network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.

DISA Rule

SV-69273r2_rule

Vulnerability Number

V-55027

Group Title

SRG-APP-000001-NDM-000200

Rule Version

SRG-APP-000001-NDM-000200

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Configure the network device to limit the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

Check Contents

Review the network device configuration to see if the device limits the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

If the network device does not limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type, this is a finding.

Vulnerability Number

V-55027

Documentable

False

Rule Version

SRG-APP-000001-NDM-000200

Severity Override Guidance

Review the network device configuration to see if the device limits the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types.

If the network device does not limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type, this is a finding.

Check Content Reference

M

Target Key

2729

Comments