STIGQter: STIG Summary: HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 28 Jul 2017:

The storage system in a hardened configuration must be configured to encrypt data associated with the Remote Copy feature.

DISA Rule

SV-89331r1_rule

Vulnerability Number

V-74657

Group Title

SRG-OS-000423-GPOS-00187

Rule Version

HP3P-32-001005

Severity

CAT I

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

Properly configure a Nokia 1830 encrypting switch to encrypt all data related to the Remote Copy feature or disable the Remote Copy feature with the following command:

cli% stoprcopy

Check Contents

Determine if the Remote Copy feature is running via the following command:

cli% showrcopy
Remote Copy is not configured on this system.

If Remote Copy is not configured, this requirement is not applicable.

If the Status is "Started" inspect the data path to and from the host for the proper use of a Nokia 1830 encrypting switch.

If all data does not traverse this switch, this is a finding.

Vulnerability Number

V-74657

Documentable

False

Rule Version

HP3P-32-001005

Severity Override Guidance

Determine if the Remote Copy feature is running via the following command:

cli% showrcopy
Remote Copy is not configured on this system.

If Remote Copy is not configured, this requirement is not applicable.

If the Status is "Started" inspect the data path to and from the host for the proper use of a Nokia 1830 encrypting switch.

If all data does not traverse this switch, this is a finding.

Check Content Reference

M

Target Key

3013

Comments