← Back to DBN-6300 NDM Security Technical Implementation Guide

V-255548

CAT I (High)

The DBN-6300 must uniquely identify and authenticate organizational administrators (or processes acting on behalf of organizational administrators).

Rule ID

SV-255548r960969_rule

STIG

DBN-6300 NDM Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001358, CCI-002111

Discussion

To ensure accountability and prevent unauthenticated access, organizational administrators must be uniquely identified and authenticated for all network management accesses to prevent potential misuse and compromise of the system.

Check Content

Verify that there is one local account configured on the DBN-6300.

Navigate to Settings >> User Management.

Verify that there is one account on the system and that this account has unrestricted privileges.

If no local account is configured in this way, or more than one account is configured locally, this is a finding.

Fix Text

Verify that there is one local account configured on the DBN-6300.

Navigate to Settings >> User Management.

Verify that there is one account on the system, and that this account has unrestricted privileges.

If there is more than one local account, delete the additional accounts by clicking on the trashcan icon on the far right of the account(s) in question, until all accounts are deleted except for one administrative account with unlimited privileges.

If there is no local account with administrative or unlimited privileges, create one using the following steps: 

Navigate to Settings >> User Management >> Users.

Click on the New User button.

Enter a username for Username, a name (optional), a 15-character (minimum) complex password, and the role of either Admin or Unrestricted.

After all entries are filled, click "Save".