STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The perimeter firewall must filter traffic destined to the internal enclave in accordance with the specific traffic that is approved and registered in the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL), Vulnerability Assessments (VAs) for that the enclave.

DISA Rule

SV-206695r604133_rule

Vulnerability Number

V-206695

Group Title

SRG-NET-000205

Rule Version

SRG-NET-000205-FW-000040

Severity

CAT II

CCI(s)

• CCI-001097 - The information system monitors and controls communications at the external boundary of the information system and at key internal boundaries within the system.

Weight

10

Fix Recommendation

Configure the perimeter firewall to filter traffic destined to the internal enclave in accordance with the guidelines contained in the PPSM CAL and VAs for the enclave.

Check Contents

Review the perimeter firewall to verify it filters traffic destined to the internal enclave in accordance with the guidelines contained in the PPSM CAL and VAs for the enclave.

If the perimeter firewall does not filter traffic destined to the internal enclave in accordance with the guidelines contained in the PPSM CAL and VAs for the enclave, this is a finding.

Vulnerability Number

V-206695

Documentable

False

Rule Version

SRG-NET-000205-FW-000040

Severity Override Guidance

Review the perimeter firewall to verify it filters traffic destined to the internal enclave in accordance with the guidelines contained in the PPSM CAL and VAs for the enclave.

If the perimeter firewall does not filter traffic destined to the internal enclave in accordance with the guidelines contained in the PPSM CAL and VAs for the enclave, this is a finding.

Check Content Reference

M

Target Key

2912

Comments