STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021

The firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected.

DISA Rule

SV-206711r604133_rule

Vulnerability Number

V-206711

Group Title

SRG-NET-000392

Rule Version

SRG-NET-000392-FW-000042

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the firewall (or another network device) to send an alert via instant message, email, or another authorized method to the ISSO and ISSM and other identified personnel when DoS incidents are detected.

Check Contents

If a network device such as the events, network management, or SNMP server is configured to send an alert when DoS incidents are detected, this is not a finding.

Verify the firewall is configured to send an alert via instant message, email, SNMP, or another authorized method to the ISSO, ISSM, and other identified personnel when DoS incidents are detected.

If the firewall is not configured to send an alert via an approved and immediate method when DoS incidents are detected, this is a finding.

Documentable

False

Check Content Reference

M

Target Key

2912

Comments