CISC-RT-000080 – The Cisco switch must not be configured to have any feature enabled that calls home to the vendor.

Details

Call home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack.

Solution

Disable the call home feature as shown below:

SW1(config)#no call-home

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Cisco_IOS_Switch_Y21M07_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Cisco.

References

800-53|SC-7(11)
CAT|II
CCI|CCI-002403
Rule-ID|SV-220470r622190_rule
STIG-ID|CISC-RT-000080
STIG-Legacy|SV-110699
STIG-Legacy|V-101595
Vuln-ID|V-220470

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles