STIGQter STIGQter: STIG Summary: SEL-2740S L2S Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 02 May 2019

CheckedNameTitle
SV-102363r1_ruleThe SEL-2740S must uniquely identify all network-connected endpoint devices before establishing any connection.
SV-102365r1_ruleThe SEL-2740S must be configured to mitigate the risk of ARP cache poisoning attacks.
SV-102367r1_ruleThe SEL-2740S must be configured to capture all packets without flow rule match criteria.
SV-102369r1_ruleThe SEL-2740S must be configured with backup flows for all host and switch flows to ensure proper failover scheme is in place for the network.
SV-102371r1_ruleThe SEL-2740S must be configured to forward only frames from allowed network-connected endpoint devices.
SV-102401r1_ruleThe SEL-2740S must be configured to permit the allowed and necessary ports, functions, protocols, and services.
SV-102403r1_ruleThe SEL-2740S -must be configured to limit excess bandwidth and denial of service (DoS) attacks.
SV-102405r1_ruleThe SEL-2740S must be configured to packet capture flows.
SV-102407r1_ruleThe SEL-2740S must be configured to capture flows for real-time visualization tools.
SV-102409r1_ruleThe SEL-2740S must be configured to prevent packet flooding and bandwidth saturation.
SV-102411r1_ruleSEL-2740S flow rules must include the host IP addresses that are bound to designated SEL-2740S ports for ensuring trusted host access.
SV-102413r1_ruleThe SEL-2740S must be configured with ARP flow rules that are statically created with valid IP-to-MAC address bindings.
SV-104417r2_ruleThe SEL-2740S must authenticate all network-connected endpoint devices before establishing any connection.