STIGQter STIGQter: STIG Summary: SEL-2740S L2S Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 02 May 2019:

The SEL-2740S must be configured to capture flows for real-time visualization tools.

DISA Rule

SV-102407r1_rule

Vulnerability Number

V-92319

Group Title

SRG-NET-000332-L2S-000002

Rule Version

SELS-SW-000080

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Add specific SEL-2740S flow rules for capturing a copy of packets for user sessions use OpenFlow ALL Groups.

To add an SEL-2740S Group, do the following:
1. Log on to OTSDN Controller using Permission Level 3.
2. Under "Group Entry" General settings, select "Group ID" and "Group Type". Use a unique group ID and use an ALL group to send the packet to more than one destination.
3. Select appropriate number of Action Buckets dependent upon use case.
4. Determine valid watch port or group, and select supported actions.
5. Click "Submit".

Check Contents

Review the SEL-2740S flow rules to ensure they only include the specific copy rules for capturing ingress and egress flows only on the designated port(s).

Note: A span port can be created to capture based on Flows, ports, or combination.

If the SEL-2740S is configured with flows with wildcard or unnecessary packet forwarding rules, this is a finding.

Vulnerability Number

V-92319

Documentable

False

Rule Version

SELS-SW-000080

Severity Override Guidance

Review the SEL-2740S flow rules to ensure they only include the specific copy rules for capturing ingress and egress flows only on the designated port(s).

Note: A span port can be created to capture based on Flows, ports, or combination.

If the SEL-2740S is configured with flows with wildcard or unnecessary packet forwarding rules, this is a finding.

Check Content Reference

M

Target Key

3385

Comments