STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG), Version: 1, Release: 2, Benchmark Date: 24 Jul 2015

The ALG providing intermediary services for remote access communications traffic must ensure inbound and outbound traffic is monitored for compliance with remote access security policies.

DISA Rule

SV-68599r1_rule

Vulnerability Number

V-54353

Group Title

SRG-NET-000061-ALG-000009

Rule Version

SRG-NET-000061-ALG-000009

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If intermediary services for remote access communications traffic are provided, configure the ALG to either provide content inspection for inbound and outbound traffic or route the traffic to be inspected for compliance with remote access security policies.

Check Contents

If the ALG does not serve as an intermediary for remote access traffic (e.g., web content filter, TLS and webmail), this is not applicable.

Verify the ALG is configured to inspect traffic or forward to a monitoring device for inspection prior to forwarding to inbound or outbound destinations.
Verify that the communications package is either forwarded or disallowed and that the process does not alter the original data payload that is forwarded to the destination application.

If the ALG does not ensure inbound and outbound traffic is monitored for compliance with remote access security policies, this is a finding.

Documentable

False

Severity Override Guidance

If the ALG does not serve as an intermediary for remote access traffic (e.g., web content filter, TLS and webmail), this is not applicable.

Verify the ALG is configured to inspect traffic or forward to a monitoring device for inspection prior to forwarding to inbound or outbound destinations.
Verify that the communications package is either forwarded or disallowed and that the process does not alter the original data payload that is forwarded to the destination application.

If the ALG does not ensure inbound and outbound traffic is monitored for compliance with remote access security policies, this is a finding.

Check Content Reference

M

Target Key

2489
