STIGQter: STIG Summary: HP FlexFabric Switch RTR Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:

The HP FlexFabric Switch must enforce that any interface used for out-of-band management traffic is configured to be passive for the Interior Gateway Protocol (IGP) that is utilized on that management interface.

DISA Rule

SV-80609r1_rule

Vulnerability Number

V-66119

Group Title

SRG-NET-000019-RTR-000014

Rule Version

HFFS-RT-000016

Severity

CAT II

CCI(s)

• CCI-001414 - The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.

Weight

10

Fix Recommendation

If OSPF is used for the management network, configure the OOBM interface to belong to a different OSPF instance than the production network.

Check Contents

Review the configuration to verify the OOBM interface belongs to a different OSPF instance (process) than the production network. If the management interface does not belong to a different OSPF instance, this is a finding.
Note: By default an OOBM interface is passive to a routing protocol.

Vulnerability Number

V-66119

Documentable

False

Rule Version

HFFS-RT-000016

Severity Override Guidance

Review the configuration to verify the OOBM interface belongs to a different OSPF instance (process) than the production network. If the management interface does not belong to a different OSPF instance, this is a finding.
Note: By default an OOBM interface is passive to a routing protocol.

Check Content Reference

M

Target Key

2979

Comments