El Alto Update

Current Requirement: The VNF Vendor MUST provide all code (e.g., QCOW2) and configuration files (e.g., HEAT template, Ansible playbook, script) in a hardened state, with documented recommended configurations for hardening, and interfaces that allow the Operator to harden the VNF. Actions taken to harden a system include disabling all unnecessary services, and changing default values such as default credentials and community strings.

Proposed Requirement: All architectural layers of the VNF MUST be hardened, or have documented recommended configurations for hardening and interfaces that allow the Operator to harden all architectural layers. This includes but is not limited to all code (e.g., QCOW2), configuration files (e.g., HEAT template, Ansible playbook, script), and interfaces (e.g., ports, APIs). Actions taken to harden a system include disabling all unnecessary services, and changing default values such as default credentials and community strings.