The administrator must ensure SNMP is blocked at all external interfaces. SNMP Access is permitted for enterprise mapping capabilities as directed by CTO 09-011.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3022 | NET0892 | SV-3022r1_rule | ECSC-1 | Medium |
| Description |
|---|
| SNMP information can be used to trace the network and reveal networks topology that could enable malicious users to gain access to network devices. |
| STIG | Date |
|---|---|
| Perimeter L3 Switch Security Technical Implementation Guide - Cisco | 2015-04-06 |
Details
| Check Text ( C-3938r1_chk ) |
|---|
| NIPRNet - Review the ingress filter and verify SNMP has been restricted. SNMP operates on the TCP/UDP port 161. SIPRNet - Review Communications Tasking Order (CTO) 09-011. Then apply filtering policy. |
| Fix Text (F-3047r1_fix) |
|---|
| The administrator will change the router configuration to block SNMP traffic at the perimeter. |