2.1.5 Ensure unused interfaces are disabled

Information

Disable unused interfaces.

Rationale:

Shutting down unused interfaces complements physical security. An attacker who physically connects to an unused port of the security appliance can use that interface to gain access to the device if the interface has not been disabled and the source restriction on management access is not enabled.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Run the following command to disable the unused interface.
CLI:

Hostname> set interface <Interface_Number> state off

GUI:

Navigate to Network Management > Network Interfaces > Open unused Interface > uncheck Enable
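
The following is an added example, not part of the benchmark or of any vendor tooling: it reads an interface listing and produces the CLI command above for each interface that is enabled but unused. The listing layout, the sample data, the `keep` exemption parameter and the rule that "no link and no IPv4 address" means unused are all assumptions.

```python
import re

# Constructed sample. The "Interface <name>" header followed by indented
# "key value" lines is an assumed layout for the appliance's interface listing.
SAMPLE = """\
Interface eth0
    state on
    link-state link up
    ipv4-address 192.0.2.1/24
Interface eth1
    state on
    link-state link down
    ipv4-address Not Configured
Interface eth2
    state off
    link-state link down
    ipv4-address Not Configured
Interface eth3
    state on
    link-state link down
    ipv4-address 198.51.100.1/24
"""

def parse_interfaces(text):
    """Return {interface_name: {key: value}} parsed from the listing."""
    interfaces, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^Interface\s+(\S+)\s*$", line)
        if header:
            current = interfaces.setdefault(header.group(1), {})
        elif current is not None and line.strip():
            key, _, value = line.strip().partition(" ")
            current[key] = value.strip()
    return interfaces

def review(text, keep=()):
    """Return (commands for unused interfaces, names needing manual review)."""
    commands, manual = [], []
    for name, attrs in parse_interfaces(text).items():
        if attrs.get("state") != "on" or name in keep:
            continue  # already disabled, or explicitly exempted by the operator
        link_down = attrs.get("link-state", "").endswith("down")
        no_ip = attrs.get("ipv4-address", "").lower() in ("", "not configured")
        if link_down and no_ip:  # assumed definition of "unused"
            commands.append(f"set interface {name} state off")
        elif link_down or no_ip:  # ambiguous: leave the decision to a person
            manual.append(name)
    return commands, manual
```

`review(SAMPLE)` returns the disable command for `eth1` and lists `eth3` for manual review, because it still carries an address although its link is down.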

Default Value:

NA

See Also

https://workbench.cisecurity.org/files/2828

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7

Plugin: CheckPoint

Control ID: b3d93d2bc338a733c78c5e6b4dbf69d6a9f79447d1afe298c97145ed52a166ae