STIGQter: STIG Summary: SEL-2740S L2S Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 02 May 2019:

The SEL-2740S must be configured with backup flows for all host and switch flows to ensure proper failover scheme is in place for the network.

DISA Rule

SV-102369r1_rule

Vulnerability Number

V-92281

Group Title

SRG-NET-000512-L2S-000030

Rule Version

SELS-SW-000300

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

To configure a Fast Failover Group for a given flow, do the following:

1. Log on to OTSDN Controller using Permission Level 3.
2. Under Group Entry General settings, select "Group ID" and "Group Type" as "Fast Failover".
3. Select appropriate number of Action Buckets dependent upon use case.
4. Determine valid watch port or group, and select supported actions.
5. Click "Submit".

Check Contents

Review the SEL-2740S flow rules to ensure each flow has a Fast Failover Group configured.

If the switch is not configured to provide backup flows, this is a finding.

Vulnerability Number

V-92281

Documentable

False

Rule Version

SELS-SW-000300

Severity Override Guidance

Review the SEL-2740S flow rules to ensure each flow has a Fast Failover Group configured.

If the switch is not configured to provide backup flows, this is a finding.

Check Content Reference

Target Key

3385

The SEL-2740S must be configured with backup flows for all host and switch flows to ensure proper failover scheme is in place for the network.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments