STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to HP FlexFabric Switch NDM Security Technical Implementation Guide

V-217483

CAT I (High)

The HP FlexFabric Switch must have a local account that will only be used as an account of last resort with full access to the network device.

Rule ID

SV-217483r961863_rule

STIG

HP FlexFabric Switch NDM Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000366

Discussion

In the event the network device loses connectivity to the management network authentication service, only a local account can gain access to the switch to perform configuration and maintenance. Without this capability, the network device is inaccessible to administrators.

Check Content

Verify that the switch is configured with a local user that has full access by entering the following command:  display local-user user-name <name of user account>. 

The user role list should contain the following:  network-admin, network-operator

If the switch does not have a local user with full access, this is a finding.

Fix Text

Configure the switch with a local user account that has network-admin and network-operator role.
[5900]local-user adminxxx
[5900-luser-manage-adminxxx]authorization-attribute  user-role network-admin   (or level=15)
[5900-luser-manage-adminxxx]authorization-attribute  user-role network-operator
[5900-luser-manage-adminxxx]service-type terminal
[5900-luser-manage-adminxxx]password hash xxxxxxxxxxxxxx