Controls

Terug naar overzicht
Version

SB.11.003 Networking Hardware

Low
Low
Low
Network Security
Organisation
v2.0 (Q1 2024)

Description

Networking maintains a list of approved hardware components and their required configurations.

Networking hardware components are not accessible to unauthorised individuals.

Specification

Switches do not operate in promiscuous mode.

TACACS+ is preferred over RADIUS as a means of authentication.

SNMPv3 Community strings and passwords are managed as part of privileged access management and thus rotated when there have been changes in the roles or employment status of anyone with access to them. The use of SNMPv2 is prohibited.

Anti-spoofing protection is in place, such as IP Source Guard (CISCO), Port Security, DHCP snooping and Dynamic ARP Inspection.