DISA STIG Arista MLS DCS-7000 Series NDM v1r3

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: DISA STIG Arista MLS DCS-7000 Series NDM v1r3

Updated: 8/19/2024

Authority: DISA STIG

Plugin: Arista

Revision: 1.10

Estimated Item Count: 60

File Details

Filename: DISA_STIG_Arista_NDM_STIG_v1r3.audit

Size: 138 kB

MD5: 16331a7824598eb8822d9a5fe0e0801d
SHA256: 55eb08f3408565433b3c33106e5c0407f34089406c91c9ae0d174f07be95298b

Audit Items

Description / Categories
AMLS-NM-000100 - The Arista Multilayer Switch must have a local infrequently used account to be used as an account of last resort with full access to the network device.

ACCESS CONTROL

AMLS-NM-000110 - The Arista Multilayer Switch account of last resort must have a password with a length of 15 characters.

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000120 - The Arista Multilayer Switch must automatically audit account creation.
AMLS-NM-000130 - The Arista Multilayer Switch must automatically audit account modification.
AMLS-NM-000140 - The Arista Multilayer Switch must automatically audit account disabling actions.
AMLS-NM-000150 - The Arista Multilayer Switch must automatically audit account removal actions.
AMLS-NM-000160 - The Arista Multilayer Switch must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device.

ACCESS CONTROL

AMLS-NM-000170 - The Arista Multilayer Switch must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.
AMLS-NM-000180 - The Arista Multilayer Switch must generate audit records when successful/unsuccessful attempts to access privileges occur.
AMLS-NM-000190 - The Arista Multilayer Switch must produce audit log records containing sufficient information to establish what type of event occurred.
AMLS-NM-000200 - The Arista Multilayer Switch must generate audit records containing the full-text recording of privileged commands.
AMLS-NM-000210 - The Arista Multilayer Switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.

SYSTEM AND COMMUNICATIONS PROTECTION

AMLS-NM-000220 - The Arista Multilayer Switch must use multifactor authentication for local access to privileged accounts.

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000240 - The Arista Multilayer Switch must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.

ACCESS CONTROL

AMLS-NM-000250 - The Arista Multilayer Switch must reveal error messages only to authorized individuals (ISSO, ISSM, and SA) - ISSO, ISSM, and SA.

SYSTEM AND INFORMATION INTEGRITY

AMLS-NM-000260 - The Arista Multilayer Switch must activate a system alert message, send an alarm, and/or automatically shut down when a component failure is detected.

SYSTEM AND INFORMATION INTEGRITY

AMLS-NM-000270 - The Arista Multilayer Switch must synchronize internal information system clocks to the authoritative time source when the time difference is greater than the organization-defined time period.

AUDIT AND ACCOUNTABILITY

AMLS-NM-000280 - The Arista Multilayer Switch must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources - NTP Server 1

AUDIT AND ACCOUNTABILITY

AMLS-NM-000280 - The Arista Multilayer Switch must be configured to synchronize internal information system clocks with the primary and secondary time sources located in different geographic regions using redundant authoritative time sources - NTP Server 2

AUDIT AND ACCOUNTABILITY

AMLS-NM-000290 - The Arista Multilayer Switch must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).

CONFIGURATION MANAGEMENT

AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - api http

CONFIGURATION MANAGEMENT

AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - api https

SYSTEM AND COMMUNICATIONS PROTECTION

AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - telnet

CONFIGURATION MANAGEMENT

AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - api http

CONFIGURATION MANAGEMENT

AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - api https

SYSTEM AND COMMUNICATIONS PROTECTION

AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - telnet

CONFIGURATION MANAGEMENT

AMLS-NM-000360 - The Arista Multilayer Switch must generate audit records for privileged activities or other system-level access - aaa commands

AUDIT AND ACCOUNTABILITY

AMLS-NM-000360 - The Arista Multilayer Switch must generate audit records for privileged activities or other system-level access - aaa exec

AUDIT AND ACCOUNTABILITY

AMLS-NM-000360 - The Arista Multilayer Switch must generate audit records for privileged activities or other system-level access - aaa system

AUDIT AND ACCOUNTABILITY

AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - all logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - trap logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000380 - The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur - show logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000380 - The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur - trap logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000390 - The Arista Multilayer Switch must generate audit records for all account creations, modifications, disabling, and termination events - show logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000390 - The Arista Multilayer Switch must generate audit records for all account creations, modifications, disabling, and termination events - trap logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000400 - The Arista Multilayer Switch must, at a minimum, off-load audit records for interconnected systems in real time - logging host

AUDIT AND ACCOUNTABILITY

AMLS-NM-000400 - The Arista Multilayer Switch must, at a minimum, off-load audit records for interconnected systems in real time - trap logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000420 - The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions - logging host

AUDIT AND ACCOUNTABILITY

AMLS-NM-000420 - The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions - show user-account

AUDIT AND ACCOUNTABILITY

AMLS-NM-000420 - The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions - trap logging

AUDIT AND ACCOUNTABILITY

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa commands all default

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa commands all start-stop

AUDIT AND ACCOUNTABILITY

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa console

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa dot1x default group

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa exec default

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa exec default start-stop

AUDIT AND ACCOUNTABILITY

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa group server

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa login console group

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa login default group

IDENTIFICATION AND AUTHENTICATION

AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa policy on-failure

AUDIT AND ACCOUNTABILITY