← Back to Storage Area Network Security Technical Implementation Guide

V-6652

CAT II (Medium)

Simple Network Management Protocol (SNMP) is used and it is not configured in accordance with the guidance contained in the Network Infrastructure STIG.

Rule ID

SV-6798r1_rule

STIG

Storage Area Network Security Technical Implementation Guide

Version

V2R5

CCIs

None

Discussion

There are vulnerabilities in some implementations and some configurations of SNMP. Therefore if SNMP is used the guidelines found in the Network Infrastructure STIG in selecting a version of SNMP to use and how to configure it will be followed. If Simple Network Management Protocol (SNMP) is used, the IAO/NSO will ensure it is configured in accordance with the guidance contained in the Network Infrastructure STIG.

Check Content

With the assistance of the IAO/NSO, verify that if Simple Network Management Protocol (SNMP) is used, it is configured in accordance with the guidance contained in the Network Infrastructure STIG.

NOTE: The intent of this check is to ensure that the other checklists were applied. If they are applied then, regardless of what the findings are, this is not a finding. The objective of this policy is met if the other checklist was applied and documented.

Fix Text

Develop a plan to implement SNMP that is compliant with the Network Infrastructure STIG.  Obtain CM approval and execute the plan.

NOTE: The intent of this check is to ensure that the other applicable checklists were applied. If they are applied then, regardless of what the findings are, this is not a finding. The objective of this policy is met if the other checklists were applied and documented.