NET0812 – Two NTP servers are not used to synchronize time – ‘Second NTP Server’
Details The network element must use two or more NTP servers to synchronize time. Without synchronized time, accurately correlating information...
- Home
- Security Hardening
- DISA STIG Cisco L2 Switch V8R27
DISA STIG Cisco L2 Switch V8R27
NET-NAC-009 – The switch must be configured to use 802.1x authentication on host facing access switch ports – ‘802.1x authentication’
Details The IEEE 802.1x standard is a client-server based access control and authentication protocol that restricts unauthorized clients from connecting...NET-NAC-009 – The switch must be configured to use 802.1x authentication on host facing access switch ports – ‘aaa authentication’
Details The IEEE 802.1x standard is a client-server based access control and authentication protocol that restricts unauthorized clients from connecting...NET-NAC-009 – The switch must be configured to use 802.1x authentication on host facing access switch ports – ‘radius-server host’
Details The IEEE 802.1x standard is a client-server based access control and authentication protocol that restricts unauthorized clients from connecting...NET-NAC-009 – The switch must be configured to use 802.1x authentication on host facing access switch ports – ‘system-auth-control’
Details The IEEE 802.1x standard is a client-server based access control and authentication protocol that restricts unauthorized clients from connecting...NET-NAC-031 – The switch must only allow a maximum of one registered MAC address per access port.
Details The switch must only allow a maximum of one registered MAC address per access port. Limiting the number of...NET-NAC-032 – Switchport does not shutdown on a violation
Details The IAO will ensure that all switchports configured using MAC port security will shutdown upon receiving a frame with...NET-VLAN-002 – Disabled ports are not kept in an unused VLAN.
Details Disabled switch ports must be placed in an unused VLAN (do not use VLAN1). It is possible that a...NET-VLAN-004 – VLAN 1 is being used as a user VLAN – ‘no ip address’.
Details VLAN 1 must not be used for user VLANs. In a VLAN-based network, switches use VLAN 1 as the...NET-VLAN-004 – VLAN 1 is being used as a user VLAN – ‘shutdown’.
Details VLAN 1 must not be used for user VLANs. In a VLAN-based network, switches use VLAN 1 as the...