STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SDN Controller Security Requirements Guide

V-206725

CAT II (Medium)

The SDN controllers must be configured as a cluster in active/active or active/passive mode to preserve any information necessary to determine cause of a system failure and to maintain network operations with least disruption to workload processes and flows.

Rule ID

SV-206725r539658_rule

STIG

SDN Controller Security Requirements Guide

Version

V2R2

CCIs

CCI-001665

Discussion

Failure in a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the SDN controller. Preserving network element state information helps to facilitate continuous network operations minimal or no disruption to mission-essential workload processes and flows.

Check Content

Review the SDN controller configuration to determine if it is configured to peer with one or more controllers in an active/active or active/passive failover mode.  

If the SDN controller is not configured to be deployed as a cluster in active/active or active/passive mode, this is a finding.

Fix Text

Configure the SDN controller to peer with one or more controllers in an active/active or active/passive failover mode.