TNS Adtran AOS Best Practice Audit

Audit Details

Name: TNS Adtran AOS Best Practice Audit

Updated: 4/25/2022

Authority: TNS

Plugin: Adtran

Revision: 1.23

Estimated Item Count: 39

File Details

Filename: TNS_Adtran_AOS_Best_Practices.audit

Size: 35.7 kB

MD5: 0ef13971d51c042044ebdfd2381f8752
SHA256: d7a4296ae6e1b5f55def817199837b94ff75579d80e826b13545a347882f7624

Audit Items

DescriptionCategories
Adtran : Device Info

CONFIGURATION MANAGEMENT

Adtran : Device Version

CONFIGURATION MANAGEMENT

Adtran : Disable FTP

CONFIGURATION MANAGEMENT

Adtran : Disable SSID Broadcast

CONFIGURATION MANAGEMENT

Adtran : Disable SSLv2

CONFIGURATION MANAGEMENT

Adtran : Disable Telnet

CONFIGURATION MANAGEMENT

Adtran : Disable TFTP

CONFIGURATION MANAGEMENT

Adtran : Disable WEP security mode

ACCESS CONTROL

Adtran : Enable aaa

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable aaa authentication

ACCESS CONTROL

Adtran : Enable Firewall

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Enable firewall syn-flood detection

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Enable NTP

AUDIT AND ACCOUNTABILITY

Adtran : Enable security mode on virtual access point (VAP)

ACCESS CONTROL

Adtran : Enable service password-encryption

IDENTIFICATION AND AUTHENTICATION

Adtran : Enable stateful inspection on firewall

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Encrypt enable password

IDENTIFICATION AND AUTHENTICATION

Adtran : Encrypt passwords

IDENTIFICATION AND AUTHENTICATION

Adtran : Ensure a trusted, primary DNS server is set

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure a trusted, secondary DNS server is set

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Ensure DHCP is Disabled unless needed

CONFIGURATION MANAGEMENT

Adtran : Ensure discovery protocols such as LLDP are not enabled on public interfaces

CONFIGURATION MANAGEMENT

Adtran : Ensure the default 'admin' username is not used

ACCESS CONTROL

Adtran : Ensure the log level is set at an appropriate setting

AUDIT AND ACCOUNTABILITY

Adtran : Firewall - Deny by Default ACL

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Firewall - Ensure winnuke protection is enabled

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Forward logs to syslog server

AUDIT AND ACCOUNTABILITY

Adtran : List enabled interfaces

CONFIGURATION MANAGEMENT

Adtran : Password Policy - no weak passwords

IDENTIFICATION AND AUTHENTICATION

Adtran : Secure Web Access - HTTP disabled

CONFIGURATION MANAGEMENT

Adtran : Secure Web Access - HTTPS enabled

SYSTEM AND COMMUNICATIONS PROTECTION

Adtran : Set 'exec' Banner

ACCESS CONTROL

Adtran : Set 'login' Banner

ACCESS CONTROL

Adtran : Set 'motd' Banner

ACCESS CONTROL

Adtran : SNMP 'PRIVATE' community string not used

IDENTIFICATION AND AUTHENTICATION

Adtran : SNMP 'PUBLIC' community string not used

IDENTIFICATION AND AUTHENTICATION

Adtran : SNMPv3 is used

CONFIGURATION MANAGEMENT

Adtran : SNMPv3 is used with 'priv'

ACCESS CONTROL

Adtran : Web Session Timeout <= 900 secs

ACCESS CONTROL