STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to be deployed as a cluster and on separate physical hosts.

DISA Rule

SV-95503r1_rule

Vulnerability Number

V-80793

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-SDN-001050

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Deploy the SDN controller as a cluster using on a separate physical hosts to eliminate single point of failure. Configure the SDN controller to peer with one or more controllers.

Check Contents

Review the SDN controller configuration to determine if it is configured to peer with one or more controllers. Also verify that the controller resides on a different physical host than any of its peers.

If the SDN controller is not configured to be deployed as a cluster and on separate physical hosts, this is a finding.

Vulnerability Number

V-80793

Documentable

False

Rule Version

SRG-NET-000512-SDN-001050

Severity Override Guidance

Review the SDN controller configuration to determine if it is configured to peer with one or more controllers. Also verify that the controller resides on a different physical host than any of its peers.

If the SDN controller is not configured to be deployed as a cluster and on separate physical hosts, this is a finding.

Check Content Reference

M

Target Key

3333

Comments