STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to enforce approved authorizations for access to system resources in accordance with applicable access control policies.

DISA Rule

SV-95465r1_rule

Vulnerability Number

V-80755

Group Title

SRG-NET-000015

Rule Version

SRG-NET-000015-SDN-000010

Severity

CAT II

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Configure the SDN controller to utilize RBAC rules to enforce approved authorizations for access to system resources.

Check Contents

Review the SDN configuration and verify that RBAC rules have been implemented to control access to system resources within the SDN framework.

If the SDN controller is not configured to enforce approved authorizations for access to system resources, this is a finding.

Vulnerability Number

V-80755

Documentable

False

Rule Version

SRG-NET-000015-SDN-000010

Severity Override Guidance

Review the SDN configuration and verify that RBAC rules have been implemented to control access to system resources within the SDN framework.

If the SDN controller is not configured to enforce approved authorizations for access to system resources, this is a finding.

Check Content Reference

M

Target Key

3333

Comments