STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:SV-80787r1_rule
V-66297
SRG-APP-000516-NDM-000341
HFFS-ND-000141
CAT II
10
Configure the HP FlexFabric Switch to use an authentication server:
[HP] radius scheme <name of scheme>
[HP-radius-jitc] primary authentication x.x.x.x key simple xxxxxx
[HP-radius-jitc] user-name-format without-domain
[HP] domain <domain name>
[HP-isp-jitc] authentication login radius-scheme <name of scheme> local
[HP-isp-jitc] authorization login radius-scheme <name of scheme> local
[HP-isp-jitc] accounting login radius-scheme <name of scheme>c local
[HP] domain default enable <domain name>
Review the HP FlexFabric Switch configuration to determine if it is authenticating user logon via an authentication server. Local authentication must only be used as a last resort. Example configuration would look similar to the following:
authentication login hwtacacs-scheme <name of scheme> local
or
authentication login radius-scheme <name of scheme> local
If the HP FlexFabric Switch does not have an authentication server configured as the primary authentication method, this is a finding.
V-66297
False
HFFS-ND-000141
Review the HP FlexFabric Switch configuration to determine if it is authenticating user logon via an authentication server. Local authentication must only be used as a last resort. Example configuration would look similar to the following:
authentication login hwtacacs-scheme <name of scheme> local
or
authentication login radius-scheme <name of scheme> local
If the HP FlexFabric Switch does not have an authentication server configured as the primary authentication method, this is a finding.
M
2971