STIGQter: STIG Summary: HP FlexFabric Switch RTR Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: HP FlexFabric Switch RTR Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:SV-80625r1_rule
V-66135
SRG-NET-000019-RTR-000003
HFFS-RT-000024
CAT II
10
Disable PIM on the HP FlexFabric Switch interfaces that should not have it enabled:
[HP-GigabitEthernet0/1] undo pim sm
Review the multicast topology diagram and determine which HP FlexFabric Switch interfaces should have Protocol Independent Multicast enabled. Disable PIM on interfaces that should not have it enabled.
If PIM is enabled interfaces that are not required to support multicast routing, this is a finding.
[HP]display current-configuration interface
interface GigabitEthernet0/1
port link-mode route
pim sm
ip address 192.168.10.1 255.255.255.0
packet-filter 3010 inbound
[HP FlexFabric SwitchD] display pim neighbor
Total Number of Neighbors = 3
Neighbor Interface Uptime Expires Dr-Priority
192.168.10.2 GE0/1 00:02:22 00:01:27 1
V-66135
False
HFFS-RT-000024
Review the multicast topology diagram and determine which HP FlexFabric Switch interfaces should have Protocol Independent Multicast enabled. Disable PIM on interfaces that should not have it enabled.
If PIM is enabled interfaces that are not required to support multicast routing, this is a finding.
[HP]display current-configuration interface
interface GigabitEthernet0/1
port link-mode route
pim sm
ip address 192.168.10.1 255.255.255.0
packet-filter 3010 inbound
[HP FlexFabric SwitchD] display pim neighbor
Total Number of Neighbors = 3
Neighbor Interface Uptime Expires Dr-Priority
192.168.10.2 GE0/1 00:02:22 00:01:27 1
M
2979