NET1636 - Management connections must require passwords - 'VTY port (login authentication AUTH_LIST)'

Information

The network devices must require authentication prior to establishing a management connection for administrative access.

A network device with no password for administrative access via a management connection gives anyone with network access to the device the opportunity to make configuration changes, enabling them to disrupt network operations and cause a network outage.

NOTE: Change 'AAA_LOGIN_LIST' to your organization's AAA group name. If the default list is used for the AAA function, then the login authentication list is not displayed in the output.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Configure authentication for all management connections.
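One way to review a saved configuration for this item offline, as an added example (not part of the Nessus plugin or the STIG). The function name, verdict strings and sample configuration are constructed for illustration; `AUTH_LIST` is the list name from the item title. VTY blocks that rely on the default list get their own verdict, because the list is not displayed there.

```python
import re

# Constructed sample of an IOS-style running configuration (not real device output).
SAMPLE = """\
aaa new-model
aaa authentication login AUTH_LIST group tacacs+ local
!
line con 0
 login authentication AUTH_LIST
line vty 0 4
 login authentication AUTH_LIST
 transport input ssh
line vty 5 15
 transport input ssh
!
end
"""

def check_vty_login_auth(config, expected_list):
    """Return {vty header: verdict} for every 'line vty' block in the config."""
    aaa_enabled = re.search(r"^aaa new-model\s*$", config, re.M) is not None
    # Without an explicit list, a VTY falls to the default list only if AAA is on.
    implicit = "default-list" if aaa_enabled else "no-login-authentication"
    verdicts, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            # Only VTY blocks are in scope for this check; console/aux are skipped.
            current = raw.strip() if raw.startswith("line vty") else None
            if current:
                verdicts[current] = implicit
        elif current and raw.startswith(" "):
            m = re.match(r"\s+login authentication (\S+)", raw)
            if m and m.group(1) == expected_list:
                verdicts[current] = "pass"
            elif m and m.group(1) != "default":
                verdicts[current] = "other-list:" + m.group(1)
        else:
            current = None  # any unindented line ends the block
    return verdicts

if __name__ == "__main__":
    for header, verdict in check_vty_login_auth(SAMPLE, "AUTH_LIST").items():
        print(f"{header}: {verdict}")
```

A `default-list` verdict is not a pass on its own: confirm that `aaa authentication login default` is defined with the intended methods before accepting it.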

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_L2_Switch_V8R27_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(3), CAT|I, Rule-ID|SV-15448r4_rule, STIG-ID|NET1636, Vuln-ID|V-3175

Plugin: Cisco

Control ID: 460d7eb11765b29bb63dc5108980446f5c3057d2b0c326b5a16f52403241c67e