STIGQter STIGQter: STIG Summary: Juniper Router RTR Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 25 Oct 2019: The Juniper router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication.

DISA Rule

SV-101051r1_rule

Vulnerability Number

V-90841

Group Title

SRG-NET-000019-RTR-000001

Rule Version

JUNI-RT-000230

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Disable the auxiliary port.

[edit system ports]
set auxiliary disable

Note: If used for out-of-band administrative access, the port must be connected to a secured modem providing encryption and authentication.

Check Contents

Review the configuration and verify that the auxiliary port is disabled unless a secured modem providing encryption and authentication is connected to it.

If the auxiliary port has never been configured or has been removed from the configuration this is Not Applicable.

system {
host-name XYZ;



ports {
auxiliary {
disable;
type xterm;
}
}

If the auxiliary port is not disabled or is not connected to a secured modem when it is enabled, this is a finding.

Vulnerability Number

V-90841

Documentable

False

Rule Version

JUNI-RT-000230

Severity Override Guidance

Review the configuration and verify that the auxiliary port is disabled unless a secured modem providing encryption and authentication is connected to it.

If the auxiliary port has never been configured or has been removed from the configuration this is Not Applicable.

system {
host-name XYZ;



ports {
auxiliary {
disable;
type xterm;
}
}

If the auxiliary port is not disabled or is not connected to a secured modem when it is enabled, this is a finding.

Check Content Reference

M

Target Key

3387

Comments