The HPE Alletra Storage ArcusOS device must disable remote access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-283038 | ASMP-WS-000740 | SV-283038r1193804_rule | CCI-002314 | medium |
| Description | ||||
| Remote access to the web server is any access that communicates through an external, nonorganization-controlled network. Remote access can be used to access hosted applications or to perform management functions. A web server can be accessed remotely and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. Examples of the web server enforcing a remote access policy are implementing IP filtering rules, using https instead of http for communication, implementing secure tokens, and validating users. | ||||
| STIG | Date | |||
| HPE Alletra Storage ArcusOS Web Server Security Technical Implementation Guide | 2026-03-03 | |||
Details
Check Text (C-283038r1193804_chk)
Verify the RDA service is disabled and controlrecoveryauth is set to use ciphertext with the following commands:
cli% stoprda
RDA service is already disabled.
cli% controlrecoveryauth status
Recovery authentication method is Ciphertext.
If the message returned is not "RDA service is already disabled", this is a finding.
If the message returned is not "Recovery authentication method is Ciphertext", this is a finding.
Fix Text (F-87506r1193803_fix)
Configure the system to disable remote access:
Stop the RDA service:
cli% stoprda
Are you sure you want to stop RDA service?
select q=quit y=yes n=no:
Enter "y" to confirm the action.
Set the recovery authentication to ciphertext:
cli% controlrecoveryauth setmethod ciphertext