Details

IP Access Control Lists (ACLs) can also be used to limit management access, permitting more granular control over IP ranges or protocols permitted to access the switch.

Solution

Note that all ACLs in ArubaOS-Switch have an implicit “deny any” rule at the end of the rules list; this requires that allowed traffic be explicitly permitted to pass through an applied ACL.

Supportive Information

The following resource is also helpful.

• https://support.hpe.com/hpesc/public/docDisplay?docId=a00053695en_us

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system ArubaOS.

References

• 800-53|SC-7(11)

Source

• Tenable.com/audits