STIGQter: STIG Summary: Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020:

AAA Services must be configured to use IP segments separate from production VLAN IP segments.

DISA Rule

SV-95651r1_rule

Vulnerability Number

V-80941

Group Title

SRG-APP-000516-AAA-000650

Rule Version

SRG-APP-000516-AAA-000650

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure AAA Services to use IP segments separate from production VLAN IP segments.

Check Contents

If AAA Services are not used for 802.1x authentication or to authenticate privileged users for device management, this is not applicable.

Verify AAA Services are configured to use IP segments separate from production VLAN IP segments.

If AAA Services are not configured to use IP segments separate from production VLAN IP segments, this is a finding.

Vulnerability Number

V-80941

Documentable

False

Rule Version

SRG-APP-000516-AAA-000650

Severity Override Guidance

If AAA Services are not used for 802.1x authentication or to authenticate privileged users for device management, this is not applicable.

Verify AAA Services are configured to use IP segments separate from production VLAN IP segments.

If AAA Services are not configured to use IP segments separate from production VLAN IP segments, this is a finding.

Check Content Reference

M

Target Key

3357

Comments