STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

All network infrastructure devices must be located in a secure room with limited access.

DISA Rule

SV-8540r3_rule

Vulnerability Number

V-8054

Group Title

Network devices are not stored in secure Comm room

Rule Version

NET0210

Severity

CAT II

CCI(s)

• CCI-000921 - The organization controls ingress/egress to the facility where the information system resides using one or more organization-defined physical access control systems/devices or guards.

Weight

10

Fix Recommendation

Move all critical communications into controlled access areas. Controlled access area in this case means controlled restriction to authorize site personnel, i.e., dedicated communications rooms or locked cabinets. This is an area afforded entry control at a security level commensurate with the operational requirement. This protection will be sufficient to protect the network from unauthorized personnel. The keys to the locked cabinets and dedicated communications rooms will be controlled and only provided to authorized network/network security individuals.

Check Contents

Inspect the site to validate physical network components are in a secure environment with limited access.

If there are any network components not located in a secure environment, this is a finding.

Vulnerability Number

V-8054

Documentable

False

Rule Version

NET0210

Severity Override Guidance

Inspect the site to validate physical network components are in a secure environment with limited access.

If there are any network components not located in a secure environment, this is a finding.

Check Content Reference

M

Target Key

838

Comments