← Back to Storage Area Network Security Technical Implementation Guide

V-6633

CAT II (Medium)

The SAN must be configured to use bidirectional authentication.

Rule ID

SV-6753r2_rule

STIG

Storage Area Network Security Technical Implementation Guide

Version

V2R5

CCIs

None

Discussion

Switch-to-switch management traffic does not have to be encrypted. Bidirectional authentication ensures that a rogue switch cannot be inserted and be auto configured to join the fabric.

Check Content

Verify that all fabric switches are configured to bidirectional authentication.

Fix Text

Configure the SAN fabric switches to use bidirectional authentication between switches.