STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to notify the ISSO and ISSM of failed verification tests for organization-defined security functions.

DISA Rule

SV-95517r1_rule

Vulnerability Number

V-80807

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-SDN-001085

Severity

CAT II

CCI(s)

CCI-002694 - The organization defines the external organizations to which the organization will disseminate security alerts, advisories, and directives.
CCI-002695 - The organization defines the security functions that require verification of correct operation.
CCI-002698 - The organization defines the system transitional states when the information system will verify correct operation of organization-defined security functions.

Weight

Fix Recommendation

Configure the SDN controller to notify the ISSO and ISSM of failed security verification tests.

Note: DoD activities should also notify the Regional Cyber Center (RCC).

Note: The organization defines the system transitional states when the SDN controller will verify correct operation of the security functions.

Check Contents

Review the SDN controller configuration to determine if it is configured to notify the ISSO and ISSM of failed security verification tests.

If the SDN controller is not configured to notify the ISSO and ISSM of failed security verification tests, this is a finding.

Note: The organization defines the system transitional states when the SDN controller will verify correct operation of the security functions.

The SDN controller must be configured to notify the ISSO and ISSM of failed verification tests for organization-defined security functions.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments