STIGQter STIGQter: STIG Summary: Juniper Router NDM Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 24 Jul 2020:

The Juniper router must be configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions.

DISA Rule

SV-101271r1_rule

Vulnerability Number

V-91171

Group Title

SRG-APP-000412-NDM-000331

Rule Version

JUNI-ND-001200

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the router to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions using a FIPS 140-2 approved algorithm as shown in the example below.

[edit system services]
set ssh ciphers aes128-cbc

Check Contents

Review the router configuration to verify that it is compliant with this requirement.

system {



}
services {
ssh {
protocol-version v2;
ciphers aes128-cbc;
}
}

If the router is not configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions using a FIPS 140-2 approved algorithm, this is a finding.

Vulnerability Number

V-91171

Documentable

False

Rule Version

JUNI-ND-001200

Severity Override Guidance

Review the router configuration to verify that it is compliant with this requirement.

system {



}
services {
ssh {
protocol-version v2;
ciphers aes128-cbc;
}
}

If the router is not configured to implement cryptographic mechanisms to protect the confidentiality of remote maintenance sessions using a FIPS 140-2 approved algorithm, this is a finding.

Check Content Reference

M

Target Key

3381

Comments