Detections
Analytics
OS10-NDM-000010 - The Dell OS10 Switch must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type.
Information
Device management includes the ability to control the number of administrators and management sessions that manage a device. Limiting the number of allowed administrators and sessions per administrator based on account type, role, or access type is helpful in limiting risks related to denial-of-service (DoS) attacks.This requirement addresses concurrent sessions for administrative accounts and does not address concurrent sessions by a single administrator via multiple administrative accounts. The maximum number of concurrent sessions should be defined based upon mission needs and the operational environment for each system. At a minimum, limits must be set for SSH, HTTPS, account of last resort, and root account sessions.
Solution
Configure the network device to limit the number of concurrent sessions to an organization-defined number for all administrator accounts and/or administrator account types, as in the following example.OS10(config)# login concurrent-session limit 3
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Dell_OS10_Switch_Y24M12_STIG.zip
Item Details
Audit Name: DISA Dell OS10 Switch NDM STIG v1r1
Category: ACCESS CONTROL
References: 800-53|AC-10, CAT|II, CCI|CCI-000054, Rule-ID|SV-269768r1051689_rule, STIG-ID|OS10-NDM-000010, Vuln-ID|V-269768
Plugin: Dell_OS10
Control ID: c25cfd0e1832210d10d31145c245ecf074f06fac5c18295a040a14d17a42d69b