STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Storage Area Network Security Technical Implementation Guide

V-6660

CAT III (Low)

End-user platforms are directly attached to the Fibre Channel network or access storage devices directly.

Rule ID

SV-6807r1_rule

STIG

Storage Area Network Security Technical Implementation Guide

Version

V2R5

CCIs

None

Discussion

End-user platforms should only be connected to servers that run applications that access the data found on the SAN devices. SANs do not supply a robust user identification and authentication platform. They depend on the servers and applications to authenticate the users and restrict access to users as required. The IAO/NSO will ensure that end-user platforms are not directly attached to the Fibre Channel network and may not access storage devices directly.

Check Content

The reviewer will, with the assistance of the IAO/NSO, verify that end-user platforms are not directly attached to the Fibre Channel network and may not access storage devices directly.  If the SAN is small with all of its components collocated, this can be done by a visual inspection but in most cases the reviewer will have to check the SAN network drawing.

Fix Text

Develop a plan to remove end-user platforms from the SAN.  Obtain CM approval for the plan and implement the plan.