New ZTE ROSNG Compliance Plugin and Audit Summary Customers...
New ZTE ROSNG Compliance Plugin and Audit Summary Customers can now measure compliance against ZTE ROSNG devices with new plugin ID 144328. This plugin retrieves target data with 'show' commands to evaluate actual values against a given audit policy. Target Release Date April 16, 2021 Additional Notes: A Tenable Best Practice audit will be released along with the plugin. This audit checks for many common security items, such as: Telnet disabled, strong password requirements, anti-riot protection, acceptable encryption types, proxy arp configuration, and more. Information about creating your own custom ZTE checks will be added to the Compliance documentation here in the coming days. Example audit structure: <check_type:"ZTE_ROSNG"> <custom_item> type : CONFIG_CHECK description : "Verify SSH version 2 is enabled" section : "ssh" item : "ssh server version 2" </custom_item> <custom_item> type : CONFIG_CHECK description : "Verify LLDP is enabled" context : "lldp" item : "lldp-(rx|tx) enable" max_occurrences : "2" </custom_item> </check_type> The first example uses a new tag 'section'. When viewing ZTE device configuration, this will isolate any section between !<ssh> and !</ssh>. The second example uses 'context', which can be used to isolate any section that is space/tab delimited under its major heading. Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.