STIGQter STIGQter: STIG Summary: Infrastructure Router Security Technical Implementation Guide Juniper Version: 8 Release: 29 Benchmark Date: 25 Jan 2019: ISATAP tunnels must terminate at an interior router.

DISA Rule

SV-16067r2_rule

Vulnerability Number

V-15288

Group Title

ISATAP tunnels must terminate at interior router.

Rule Version

NET-TUNL-017

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Terminate ISATAP tunnels at the infrastructure router to prohibit tunneled traffic from exiting the enclave perimeter prior to inspection by the IDS, IPS, or firewall.

Check Contents

Verify ISATAP tunnels are terminated on the infrastructure routers or L3 switches within the enclave.

Vulnerability Number

V-15288

Documentable

False

Rule Version

NET-TUNL-017

Severity Override Guidance

Verify ISATAP tunnels are terminated on the infrastructure routers or L3 switches within the enclave.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

510

Comments