TNS Adtran AOS Best Practice Audit

Audit Details

Name: TNS Adtran AOS Best Practice Audit

Updated: 12/22/2023

Authority: TNS

Plugin: Adtran

Revision: 1.26

Estimated Item Count: 39

File Details

Filename: TNS_Adtran_AOS_Best_Practices.audit

Size: 37.7 kB

MD5: 357b7a490f44c68197d61f15b45aa2bd
SHA256: feb8da147fded4706b97f500d005da3eef9ca47da19bb19dadc9f95cf7f79cb6

Audit Items

DescriptionCategories
Adtran : Device Info

CONFIGURATION MANAGEMENT

Adtran : Device Version

CONFIGURATION MANAGEMENT

Adtran : Disable FTP

CONFIGURATION MANAGEMENT

Adtran : Disable SSID Broadcast

CONFIGURATION MANAGEMENT

Adtran : Disable SSLv2

CONFIGURATION MANAGEMENT

Adtran : Disable Telnet

CONFIGURATION MANAGEMENT

Adtran : Disable TFTP

CONFIGURATION MANAGEMENT

Adtran : Disable WEP security mode

ACCESS CONTROL

Adtran : Enable aaa

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable aaa authentication

ACCESS CONTROL

Adtran : Enable Firewall

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Enable firewall syn-flood detection

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Enable NTP
Adtran : Enable security mode on virtual access point (VAP)

ACCESS CONTROL

Adtran : Enable service password-encryption

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable stateful inspection on firewall

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Encrypt enable password

IDENTIFICATION AND AUTHENTICATION

Adtran : Encrypt passwords

IDENTIFICATION AND AUTHENTICATION

Adtran : Ensure a trusted, primary DNS server is set

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure a trusted, secondary DNS server is set

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure DHCP is Disabled unless needed

CONFIGURATION MANAGEMENT

Adtran : Ensure discovery protocols such as LLDP are not enabled on public interfaces

CONFIGURATION MANAGEMENT

Adtran : Ensure the default 'admin' username is not used

ACCESS CONTROL

Adtran : Ensure the log level is set at an appropriate setting

AUDIT AND ACCOUNTABILITY

Adtran : Firewall - Deny by Default ACL

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Firewall - Ensure winnuke protection is enabled

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Forward logs to syslog server

AUDIT AND ACCOUNTABILITY

Adtran : List enabled interfaces

CONFIGURATION MANAGEMENT

Adtran : Password Policy - no weak passwords

IDENTIFICATION AND AUTHENTICATION

Adtran : Secure Web Access - HTTP disabled

CONFIGURATION MANAGEMENT

Adtran : Secure Web Access - HTTPS enabled

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Set 'exec' Banner

ACCESS CONTROL

Adtran : Set 'login' Banner

ACCESS CONTROL

Adtran : Set 'motd' Banner

ACCESS CONTROL

Adtran : SNMP 'PRIVATE' community string not used

IDENTIFICATION AND AUTHENTICATION

Adtran : SNMP 'PUBLIC' community string not used

IDENTIFICATION AND AUTHENTICATION

Adtran : SNMPv3 is used

CONFIGURATION MANAGEMENT

Adtran : SNMPv3 is used with 'priv'

ACCESS CONTROL

Adtran : Web Session Timeout <= 900 secs

ACCESS CONTROL