STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to isolate security functions from non-security functions.

DISA Rule

SV-95513r1_rule

Vulnerability Number

V-80803

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-SDN-001075

Severity

CAT II

CCI(s)

• CCI-001084 - The information system isolates security functions from nonsecurity functions.

Weight

10

Fix Recommendation

Configure the SDN controller to isolate objects and code implementing RBAC to restrict access to security functionality from non-security functionality objects and code.

Check Contents

Review the SDN controller configuration to determine whether objects and code implementing security functionality are isolated from non-security functionality objects and code. Role-based access control (RBAC) must also be configured to restrict access to all security functionality.

If security-related objects and code are not kept separate and are not configured with RBAC access restriction, this is a finding.

Vulnerability Number

V-80803

Documentable

False

Rule Version

SRG-NET-000512-SDN-001075

Severity Override Guidance

Review the SDN controller configuration to determine whether objects and code implementing security functionality are isolated from non-security functionality objects and code. Role-based access control (RBAC) must also be configured to restrict access to all security functionality.

If security-related objects and code are not kept separate and are not configured with RBAC access restriction, this is a finding.

Check Content Reference

M

Target Key

3333

Comments