STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Cisco ISE NDM Security Technical Implementation Guide

V-242657

CAT I (High)

The Cisco ISE must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after six minutes of inactivity, except to fulfill documented and validated mission requirements.

Rule ID

SV-242657r1167994_rule

STIG

Cisco ISE NDM Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-001133

Discussion

Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.

Check Content

From the CLI EXEC mode, type show terminal.
 
From the GUI, navigate to Administration >> System >> Admin Access >> Settings >> Session.

View the session timeout setting.

If the terminal and administration setting is not set to six minutes or less, this is a finding.

Fix Text

Configure Session Timeout for Administrators.

1. Choose Administration >> System >> Admin Access >> Settings >> Session >> Session Timeout.
2. Enter "6".
3. Click "Save".