The HPE Nimble must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-252188 | HPEN-NM-000030 | SV-252188r960843_rule | CCI-000048 | medium |
| Description | ||||
| Display of the DoD-approved use notification before granting access to the network device ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users. | ||||
| STIG | Date | |||
| HPE Nimble Storage Array NDM Security Technical Implementation Guide | 2024-06-20 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-8
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.9
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000048
1.00
- DISA · V2R1 · disa_xccdf · related
Details
Check Text (C-252188r960843_chk)
Attempt a login to NimOS by typing "ssh username@array", where username is a valid user, and array is an array DNS name. If the correct DoD banner is not displayed before a password prompt, this is a finding.
Fix Text (F-55594r814043_fix)
Type "group --edit --login_banner", and then copy-paste or type the required banner. Then, to display the banner before login, type "group --edit --login_banner_after_auth no".