Team - Security

Private

Posts

  • RE: Security Assessments and Hardening of XCP-ng

    @cgrl3h Olivier is on holidays right now, I'm trying to answer before he checks his notifications 🙂

    We do have a hardening guide, with mostly best practices, but I'm not sure it is available publicly yet. I'll check, but I think it is shared only with customers.

    We are working to have STIGs, but that's in an early phase, and that's a fairly long process, so don't count on anything like that being available in the near future.

  • RE: [HELP] XCP-ng 4.17.5 dom0 kernel panic — page fault in TCP stack, crashdump attached

    I think whatever solution suits you will work.

    Personally, if I know there are issues with it, I would tend to disable it in the BIOS, to be sure nobody tries to use it later and wastes their time. In an enterprise setting, that can be important.

    One thing to keep in mind if keeping it is that if you want to add other hosts to the pool, they will need to have a similar network topology, so if you end up having eth0 and eth1 with your current management network on eth1, any new host should be able to have its management on eth1 as well. You may work around it with interface renaming, but that tends to get messy over time.

    That being said, I'm unsure even removing the Realtek NIC from the BIOS will change the interface number now that eth1 exists already and is configured.

    If you don't plan to add hosts to the pool, and don't have a team with people that may act on these machines in the future without being aware of this setup history, leaving it connected and disabling the port on the switch should not be an issue.
