Home
Security Hardening
DISA STIG Cisco L2 Switch V8R27

DISA STIG Cisco L2 Switch V8R27

NET-VLAN-005 – VLAN 1 traffic traverses across unnecessary trunk
Details VLAN 1 must be pruned from all trunk and access ports that do not require it. VLAN 1 is...
NET-VLAN-006 – The VLAN1 is being used for management traffic.
Details A dedicated management VLAN or VLANs must be configured to keep management traffic separate from user data and control...
NET-VLAN-007 – Ensure trunking is disabled on all access ports.
Details Port trunking must be disabled on all access ports (do not configure trunk on, desirable, non-negotiate, or auto–only off)....
NET-VLAN-008 – A dedicated VLAN is required for all trunk ports.
Details The native VLAN must be assigned to a VLAN ID other than the default VLAN for all 802.1q trunk...
NET-VLAN-009 – Access switchports are assigned to the native VLAN
Details Access switchports must not be assigned to the native VLAN. Double encapsulation can be initiated by an attacker who...
NET-VLAN-023 – Restricted VLAN not assigned to non-802.1x device.
Details Printers must be assigned to a VLAN that is not shared by unlike devices. Aspects of hardening the network...