STIGQter: STIG Summary: HP FlexFabric Switch RTR Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:

The HP FlexFabric Switch must be configured so inactive HP FlexFabric Switch interfaces are disabled.

DISA Rule

SV-80455r1_rule

Vulnerability Number

V-65965

Group Title

SRG-NET-000019-RTR-000007

Rule Version

HFFS-RT-000001

Severity

CAT II

CCI(s)

• CCI-001414 - The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.

Weight

10

Fix Recommendation

Disable inactive the HP FlexFabric Switch interface:

[HP-GigabitEthernet0/1] shutdown

Check Contents

Review the network topology diagram and determine which HP FlexFabric Switch interfaces should be inactive.

If there are inactive HP FlexFabric Switch interfaces that are enabled, this is a finding.

[HP]display current-configuration interface
interface GigabitEthernet0/1
port link-mode route
pim sm
ip address 192.168.10.1 255.255.255.0
packet-filter 3010 inbound

Vulnerability Number

V-65965

Documentable

False

Rule Version

HFFS-RT-000001

Severity Override Guidance

Review the network topology diagram and determine which HP FlexFabric Switch interfaces should be inactive.

If there are inactive HP FlexFabric Switch interfaces that are enabled, this is a finding.

[HP]display current-configuration interface
interface GigabitEthernet0/1
port link-mode route
pim sm
ip address 192.168.10.1 255.255.255.0
packet-filter 3010 inbound

Check Content Reference

M

Target Key

2979

Comments