The network element must prevent access into the organizations internal networks except as explicitly permitted and controlled by employing boundary protection devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34151	SRG-NET-000201-DNS-NA	SV-44604r1_rule		Medium

Description
The enclave's internal network contains the servers where mission critical data and applications reside. There should never be connection attempts made to these devices from any host outside of the enclave. The initial defense for the internal network is to block any traffic at the perimeter attempting to make a connection to a host residing on the internal network. Boundary protection is not a function of DNS.

Description

The enclave's internal network contains the servers where mission critical data and applications reside. There should never be connection attempts made to these devices from any host outside of the enclave. The initial defense for the internal network is to block any traffic at the perimeter attempting to make a connection to a host residing on the internal network. Boundary protection is not a function of DNS.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42111r1_chk )
This is not a function of DNS.

Fix Text (F-38061r1_fix)
This requirement is NA for DNS. No fix required.