The Cisco switch must not be configured to have any feature enabled that calls home to the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-221078 | CISC-RT-000080 | SV-221078r999687_rule | CCI-002403 | medium |
| Description | ||||
| Call home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. | ||||
| STIG | Date | |||
| Cisco NX OS Switch RTR Security Technical Implementation Guide | 2024-12-20 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
SC-7(11)
1.00
- DISA · 3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-002403
1.00
- DISA · 3 · disa_xccdf · related
Details
Check Text (C-221078r999687_chk)
Review the switch configuration to determine if the call home service is enabled as shown in the example below:
callhome
contract-id CompanyXYZ
customer-id CompanyXYZ
email-contact netadmin@CompanyXYZ.com
phone-contact +1-800-555-4567
enable
If the call home feature is configured to call home to the vendor, this is a finding.
Fix Text (F-22782r409724_fix)
Disable the call home feature as shown below:
SW1(config)# callhome
SW1(config-callhome)# no enable
SW1(config-callhome)# end