STIGQter: STIG Summary: Juniper SRX SG IDPS Security Technical Implementation Guide, Version: 1, Release: 2, Benchmark Date: 28 Jul 2017

The Juniper Networks SRX Series Gateway IDPS must either forward the traffic from inbound connections to be more deeply inspected for malicious code and Layer 7 threats, or the Antivirus and Unified Threat Management (UTM) license must be installed, active, and policies and rules configured.

DISA Rule

SV-80931r1_rule

Vulnerability Number

V-66441

Group Title

SRG-NET-000512-IDPS-00194

Rule Version

JUSX-IP-000031

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure at least one UTM policy and one AV policy using the commands and options under the [edit security utm] hierarchy.

If the UTM and AV licenses are not installed, IDPS must be installed in the architecture so that traffic is forwarded for deeper AV and UTM inspection. This can be accomplished by using a zone stanza to direct the traffic to an interface or IP destination address.

Check Contents

Verify UTM and AV policies are configured.

[edit]
show security utm

If a stanza does not exist for at least one UTM and one AV policy, this is a finding.

If the IDPS does not have UTM and AV capabilities and traffic is not forwarded to be inspected for AV and UTM threats, this is a finding.
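The stanza check above can be scripted against saved output. The following is an added example, not part of the STIG or of Juniper's tooling. It assumes the configuration was captured with `show security utm | display set`, and it interprets "one UTM and one AV policy" as at least one active `utm-policy` stanza, of which at least one binds an `anti-virus` profile. Policy and profile names in the samples are constructed.

```python
import re

# One "set"/"deactivate" statement per line, as emitted by
# "show security utm | display set" in configuration mode.
LINE_RE = re.compile(
    r'^(?P<verb>set|deactivate) security utm(?= |$)'
    r'(?: utm-policy (?P<name>"[^"]+"|\S+))?(?P<rest>.*)$'
)

def audit_utm(display_set_text):
    """Return (utm_policies, av_policies, finding) for rule JUSX-IP-000031."""
    utm, av, inactive, av_inactive = set(), set(), set(), set()
    tree_inactive = False
    for raw in display_set_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        name = m.group("name").strip('"') if m.group("name") else None
        rest = m.group("rest").split()
        if m.group("verb") == "deactivate":
            # A deactivated stanza is still present but is not enforced.
            if name is None and not rest:
                tree_inactive = True
            elif name and not rest:
                inactive.add(name)
            elif name and rest == ["anti-virus"]:
                av_inactive.add(name)
            continue
        if name is None:
            continue  # feature-profile and other non-policy statements
        utm.add(name)
        if rest[:1] == ["anti-virus"]:
            av.add(name)
    if tree_inactive:
        utm, av = set(), set()
    utm -= inactive
    av -= inactive | av_inactive
    return sorted(utm), sorted(av), (not utm or not av)

# Constructed sample inputs (not taken from a real device).
COMPLIANT = (
    "set security utm utm-policy edge-utm anti-virus http-profile av-prof\n"
    "set security utm utm-policy edge-utm anti-virus smtp-profile av-prof\n"
)
WEB_ONLY = "set security utm utm-policy web-only web-filtering http-profile wf-prof\n"

if __name__ == "__main__":
    for label, text in (("compliant", COMPLIANT), ("web-only", WEB_ONLY)):
        print(label, audit_utm(text))
```

A result of `finding=True` covers only the stanza check; whether traffic is instead forwarded to another device for AV and UTM inspection still has to be verified separately.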

Documentable

False

Check Content Reference

M

Target Key

3037

Comments