STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to RUCKUS ICX Router Security Technical Implementation Guide

V-273671

CAT II (Medium)

The RUCKUS ICX router must establish organization-defined alternate communications paths for system operations organizational command and control.

Rule ID

SV-273671r1110957_rule

STIG

RUCKUS ICX Router Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-004931

Discussion

An incident, whether adversarial- or nonadversarial-based, can disrupt established communications paths used for system operations and organizational command and control. Alternate communications paths reduce the risk of all communications paths being affected by the same incident. To compound the problem, the inability of organizational officials to obtain timely information about disruptions or to provide timely direction to operational elements after a communications path incident, can impact the ability of the organization to respond to such incidents in a timely manner. Establishing alternate communications paths for command and control purposes, including designating alternative decision makers if primary decision makers are unavailable and establishing the extent and limitations of their actions, can greatly facilitate the organization's ability to continue to operate and take appropriate actions during an incident.

Check Content

Verify the router is configured to establish organization-defined alternate communications paths for system operations organizational command and control.

If the router is not configured to establish organization-defined alternate communications paths for system operations organizational command and control, this is a finding.

Fix Text

Configure the router to establish organization-defined alternate communications paths for system operations organizational command and control.

Configure VLANs separate organization-defined traffic:

device# configure terminal
device(config)# vlan 235 name mgmt-vlan
device(config-vlan-235)# tag ethernet 1/x/x
device(config-vlan-235)# interface ve 235
device(config-vif-235)# ip addr x.x.x.x/x
device(config-vif-235)# vlan 200 name ops-vlan
device(config-vlan-200)# tag ethernet 1/x/x
device(config-vlan-200)# interface ve 200
device(config-vif-200)# ip addr x.x.x.x/x
device(config-vif-200)# vlan 210 name user-vlan
device(config-vlan-210)# tag ethernet 1/x/x
device(config-vlan-210)# interface ve 210
device(config-vif-210)# ip addr x.x.x.x/x
device(config-vif-210)#end
device# write memory