STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The firewall must be configured to allow authorized users to record a packet capture based IP, traffic type (TCP, UDP, or ICMP), or protocol.

DISA Rule

SV-206712r604133_rule

Vulnerability Number

V-206712

Group Title

SRG-NET-000399

Rule Version

SRG-NET-000399-FW-000008

Severity

CAT II

CCI(s)

• CCI-001462 - The information system provides the capability for authorized users to capture/record and log content related to a user session.

Weight

10

Fix Recommendation

Document a process for authorized users to capture, record, and log all content based on IP, traffic type (TCP, UDP, or ICMP), or protocol.

Check Contents

View the documented process for packet capture.

Verify the firewall allows authorized users to perform a packet capture based on IP, traffic type (TCP, UDP, or ICMP), or protocol.

If the firewall is not configured to allow authorized users to capture, record, and log all content related to a user session, this is a finding.

Vulnerability Number

V-206712

Documentable

False

Rule Version

SRG-NET-000399-FW-000008

Severity Override Guidance

View the documented process for packet capture.

Verify the firewall allows authorized users to perform a packet capture based on IP, traffic type (TCP, UDP, or ICMP), or protocol.

If the firewall is not configured to allow authorized users to capture, record, and log all content related to a user session, this is a finding.

Check Content Reference

M

Target Key

2912

Comments