STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to audit the enforcement actions used to restrict access associated with changes to any application within the SDN framework.

DISA Rule

SV-95523r1_rule

Vulnerability Number

V-80813

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-SDN-001100

Severity

CAT II

CCI(s)

• CCI-001814 - The Information system supports auditing of the enforcement actions.

Weight

10

Fix Recommendation

Configure the SDN controller to audit enforcement actions used to restrict access associated with changes to any application.

Check Contents

Review the SDN controller configuration to determine if it is configured to audit enforcement actions used to restrict access associated with changes to any application.

If the SDN controller is not configured to audit the enforcement actions used to restrict access associated with changes to any application within the SDN framework, this is a finding.

Vulnerability Number

V-80813

Documentable

False

Rule Version

SRG-NET-000512-SDN-001100

Severity Override Guidance

Review the SDN controller configuration to determine if it is configured to audit enforcement actions used to restrict access associated with changes to any application.

If the SDN controller is not configured to audit the enforcement actions used to restrict access associated with changes to any application within the SDN framework, this is a finding.

Check Content Reference

M

Target Key

3333

Comments