Checklist Summary:

This Sharing Peripherals Across the Network (SPAN) Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Commercial-Off-The-Shelf (COTS) hardware peripheral devices. For this STIG, peripheral will mean, "any device that allows communication between a system and itself, but is not directly operated by the system". However, this document does not deal with devices found wholly contained within the main cabinet of the computer or, with the exception of A/B switches, those devices connected via legacy parallel and serial interfaces. Peripheral devices are commonly used within the Information Technology (IT) community and some, if not all, of the technologies addressed within this STIG are found at any Department of Defense (DOD) location. Unfortunately, this presence also brings dependence and vulnerabilities. Malicious or mischievous individuals will try to exploit vulnerabilities and uninformed individuals will inadvertently but invariably expose the infrastructure to new vulnerabilities. Because many of these devices need to interoperate with multiple information systems (ISs), their default configuration settings are often not sufficient for a strong security posture. In other cases, these devices have no user configurable settings and it is the handling of the device that provides the security. This STIG will provide the guidelines to deploy these devices in a secure manner. The vast numbers of devices that fall into the category of peripherals preclude the inclusion of specific configuration settings for all devices made by all manufacturers. Therefore, this document will provide general guidelines. Appendices will be added to provide product specific requirements.

Checklist Role:

• Enterprise Firewall
• Multi-Functional Peripherals
• Router
• Border and Gateway Router
• Enterprise Router
• Ethernet LAN Switch
• Wireless Networking

Known Issues:

Not provided.

Target Audience:

This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist SMs, Information Assurance Managers (IAMs), IAOs, and SAs with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoDD 8500.1 and DoDI 8500.2

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via e-mail to fso_spt@disa.mil. DISA FSO will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not provided.

Product Support:

It should be noted that FSO support for the STIGs, Checklists, and tools is only available to DOD customers.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

Version 2, Release 2 - 25 October 2013
Updated "Point of Contact" - 15 January 2015
null
Updated URL to reflect change to the DISA website - http --> https
Updated to Version 2, Release 3 - 10/25/18
Corrected SHA - 10/31/18
Updated to FINAL - 12/3/18
Updated URLs - 6/14/19
Updated URLs - 8/12/2019

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 08/12/2019