STIGQter: STIG Summary: HP FlexFabric Switch L2S Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: HP FlexFabric Switch L2S Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:SV-80587r1_rule
V-66097
SRG-NET-000512-L2S-000013
HFFS-L2-000030
CAT II
10
Remove the native vlan of the trunk ports.
[HP-GigabitEthernet1/0/1] undo port trunk permit vlan 1
Verify all access switch ports are not part of the native VLAN (VLAN 1).
If any access switch port is assigned to the native VLAN (VLAN 1), this is a finding.
<HP>display interface GigabitEthernet brief
Brief information on interface(s) under bridge mode:
Link: ADM - administratively down; Stby - standby
Speed or Duplex: (a)/A - auto; H - half; F - full
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
GE1/0/1 UP 1G(a) F(a) A 1
GE1/0/2 UP 1G(a) F(a) A 100
GE1/0/3 UP 10M(a) F(a) A 100
XGE1/0/1 UP 10G(a) F(a) A 200
XGE1/0/2 UP 10G(a) F(a) A 200
If any access switch port are configured for the native vlan. This is a finding.
V-66097
False
HFFS-L2-000030
Verify all access switch ports are not part of the native VLAN (VLAN 1).
If any access switch port is assigned to the native VLAN (VLAN 1), this is a finding.
<HP>display interface GigabitEthernet brief
Brief information on interface(s) under bridge mode:
Link: ADM - administratively down; Stby - standby
Speed or Duplex: (a)/A - auto; H - half; F - full
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
GE1/0/1 UP 1G(a) F(a) A 1
GE1/0/2 UP 1G(a) F(a) A 100
GE1/0/3 UP 10M(a) F(a) A 100
XGE1/0/1 UP 10G(a) F(a) A 200
XGE1/0/2 UP 10G(a) F(a) A 200
If any access switch port are configured for the native vlan. This is a finding.
M
2977