Any software application designed to function as a firewall must be capable employing a default deny all configuration.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27051 | SRG-APP-000256 | SV-34346r1_rule | Medium |
| Description |
|---|
| A firewall default deny is a firewall configuration setting that will force the administrator to explicitly allow network or application traffic rather than allowing all traffic by default. The purpose is to prevent unmanaged access into the internal network or in the case of an application firewall, to application content, features, or functionality. |
| STIG | Date |
|---|---|
| Application Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |