STIGQter: STIG Summary: Windows Firewall with Advanced Security Security Technical Implementation Guide, Version: 1, Release: 7, Benchmark Date: 27 Apr 2018

The Windows Firewall with Advanced Security local connection rules must not be merged with Group Policy settings when connected to a public network.

DISA Rule

SV-54918r3_rule

Vulnerability Number

V-17443

Group Title

Windows Firewall Public - Local Connection Rules

Rule Version

WNFWA-000025

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If the system is not a member of a domain, this is NA.

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security -> Windows Firewall with Advanced Security -> Windows Firewall Properties (this link will be in the right pane) -> Public Profile Tab -> Settings (select Customize) -> Rule merging, "Apply local connection security rules:" to "No".

Check Contents

If the system is not a member of a domain, this is NA.

If the firewall's Public Profile is not enabled (see V-17417), this requirement is also a finding.

Verify the registry value below.

If this registry value does not exist or is not configured as specified, this is a finding.

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile\

Value Name: AllowLocalIPsecPolicyMerge

Type: REG_DWORD
Value: 0x00000000 (0)
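
The check above as a script, added here as an example (not DISA or STIGQter content). It assumes the effective Public profile state reported by `Get-NetFirewallProfile` can stand in for the V-17417 check; the function and variable names are illustrative.

```powershell
# Added example: evaluates V-17443 on the local machine (run from an elevated prompt).
$Path = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile'
$Name = 'AllowLocalIPsecPolicyMerge'

# Pure decision logic, in the same order as the Check Contents text.
function Get-V17443Status {
    param(
        [bool]$PartOfDomain,
        [bool]$PublicProfileEnabled,
        $ValueKind,   # $null when the registry value does not exist
        $Value
    )
    if (-not $PartOfDomain)         { return 'Not Applicable: system is not a member of a domain' }
    if (-not $PublicProfileEnabled) { return 'Finding: Public Profile is not enabled (see V-17417)' }
    if ($null -eq $ValueKind)       { return "Finding: $Name does not exist" }
    if ("$ValueKind" -ne 'DWord')   { return "Finding: $Name is $ValueKind, expected REG_DWORD" }
    if ([int64]$Value -ne 0)        { return "Finding: $Name is $Value, expected 0" }
    return 'Not a Finding'
}

# Domain membership decides whether the requirement applies at all.
$partOfDomain = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain

# Assumption: the effective (ActiveStore) Public profile state is used for the
# "Public Profile is not enabled" condition; V-17417 remains the authoritative check.
$publicProfile = Get-NetFirewallProfile -Name Public -PolicyStore ActiveStore
$publicEnabled = ([string]$publicProfile.Enabled -eq 'True')

# Read the policy value and its registry type; a missing key or value leaves both $null.
$kind  = $null
$value = $null
$key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
if ($key -and ($key.GetValueNames() -contains $Name)) {
    $kind  = $key.GetValueKind($Name)
    $value = $key.GetValue($Name)
}

Get-V17443Status -PartOfDomain $partOfDomain -PublicProfileEnabled $publicEnabled `
                 -ValueKind $kind -Value $value
```

The value sits under the `Policies` hive, so a compliant result is expected to come from the Group Policy setting in the Fix Recommendation rather than from a local registry edit.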

Documentable

False

Check Content Reference

M

Target Key

2565
