STIGQter: STIG Summary: HP FlexFabric Switch RTR Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:

The HP FlexFabric Switch must enforce that the managed network domain and the management network domain are separate routing domains and the Interior Gateway Protocol (IGP) instances are not redistributed or advertised to each other.

DISA Rule

SV-80607r1_rule

Vulnerability Number

V-66117

Group Title

SRG-NET-000019-RTR-000013

Rule Version

HFFS-RT-000015

Severity

CAT II

CCI(s)

• CCI-001414 - The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.

Weight

10

Fix Recommendation

If OSPF is used for the management network, configure the management interface to belong to a different OSPF instance than the production network.

Check Contents

Review the configuration to verify the management interface belongs to a different OSPF instance (process) than the production network. If the management interface does not belong to a different OSPF instance, this is a finding.

Vulnerability Number

V-66117

Documentable

False

Rule Version

HFFS-RT-000015

Severity Override Guidance

Review the configuration to verify the management interface belongs to a different OSPF instance (process) than the production network. If the management interface does not belong to a different OSPF instance, this is a finding.

Check Content Reference

M

Target Key

2979

Comments