STIGQter: STIG Summary: SDN Using NV Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 27 Feb 2017:

Southbound API management plane traffic for configuring SDN parameters on physical network elements must be encrypted using a FIPS-validated cryptographic module.

DISA Rule

SV-87741r1_rule

Vulnerability Number

V-73089

Group Title

NET-SDN-009

Rule Version

NET-SDN-009

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Encrypt all southbound API management plane traffic using a using a FIPS-validated cryptographic module. Implement a cryptographic module that has a validation certification and is listed on the NIST Cryptographic Module Validation Program's (CMVP) validation list.

Check Contents

Determine if the southbound API management plane traffic is encrypted using a FIPS-validated cryptographic module. If the Southbound API management plane traffic is not encrypted using a FIPS-validated cryptographic module, this is a finding.

Vulnerability Number

V-73089

Documentable

False

Rule Version

NET-SDN-009

Severity Override Guidance

Determine if the southbound API management plane traffic is encrypted using a FIPS-validated cryptographic module. If the Southbound API management plane traffic is not encrypted using a FIPS-validated cryptographic module, this is a finding.

Check Content Reference

M

Target Key

3089

Comments