
CISC-RT-000150 – The Cisco switch must be configured to have gratuitous ARP disabled on all external interfaces.

Details

A gratuitous ARP is an ARP broadcast in which the source and destination MAC addresses are the same. It is used to inform the network about a host IP address. A spoofed gratuitous ARP message can cause network mapping information to be stored incorrectly, causing network malfunction.

Solution

Disable gratuitous ARP as shown in the example below:

SW1(config)#no ip gratuitous-arps
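One way to verify the setting across saved configurations, as an added example that is not part of the STIG or of Cisco tooling. The sample configurations are constructed, and the `REVIEW` status reflects an assumption: when the running-config shows neither form of the command, the release default applies and has to be confirmed on the device.

```python
import re

# Constructed sample configurations (not taken from any real device).
SAMPLE_COMPLIANT = """\
hostname SW1
!
no ip gratuitous-arps
!
interface GigabitEthernet0/1
 description uplink
"""
SAMPLE_FINDING = SAMPLE_COMPLIANT.replace("no ip gratuitous-arps", "ip gratuitous-arps")
SAMPLE_SILENT = "hostname SW1\n!\ninterface GigabitEthernet0/1\n"

# Matches the global command in either form; group 1 is set for the "no" form.
_GARP = re.compile(r"^(no\s+)?ip\s+gratuitous-arps\b", re.IGNORECASE)


def check_gratuitous_arp(config_text):
    """Return (status, evidence_line) for one saved running-config.

    COMPLIANT: 'no ip gratuitous-arps' is present at global level.
    FINDING:   'ip gratuitous-arps' is present (explicitly enabled).
    REVIEW:    neither form appears; the release default decides (assumption).
    """
    status, evidence = "REVIEW", None
    for raw in config_text.splitlines():
        # The command is global, so skip comment lines and indented
        # sub-mode lines (interface, line, router blocks).
        if raw.startswith("!") or raw[:1].isspace():
            continue
        match = _GARP.match(raw.strip())
        if match:
            # If both forms somehow appear, the later line wins.
            status = "COMPLIANT" if match.group(1) else "FINDING"
            evidence = raw.strip()
    return status, evidence


if __name__ == "__main__":
    for name, cfg in [("compliant", SAMPLE_COMPLIANT),
                      ("finding", SAMPLE_FINDING),
                      ("silent", SAMPLE_SILENT)]:
        print(name, check_gratuitous_arp(cfg))
```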

Supportive Information

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection. This control applies to the following type of system: Cisco.


Updated on July 16, 2022