STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Storage Area Network Security Technical Implementation Guide

V-6645

CAT I (High)

All SAN management consoles and ports are not password protected.

Rule ID

SV-6791r1_rule

STIG

Storage Area Network Security Technical Implementation Guide

Version

V2R5

CCIs

None

Discussion

Without password protection malicious users can create a denial of service by disrupting the SAN or allow the compromise of sensitive date by reconfiguring the SAN topography. The IAO/NSO will ensure that all SAN management consoles and ports are password protected.

Check Content

The reviewer will, with the assistance of the IAO/NSO, verify that all SAN management consoles and ports are password protected.

Fix Text

Develop a plan for implementing password protection on the SAN’s management consoles and ports.  Obtain CM approval of the plan and execute the plan.