
The firewall implementation must enforce approved authorizations for controlling the flow of information between interconnected systems in accordance with applicable policy.


Overview

Finding ID: SRG-NET-000019-FW-000018
Version: SRG-NET-000019-FW-000018
Rule ID: SRG-NET-000019-FW-000018_rule
IA Controls: (none)
Severity: Medium
Description
Information flow controls are mechanisms that regulate where information is allowed to travel between interconnected systems. This control applies to the flow of information between the firewall and other network devices. Information flow varies based on the specific implementation of the firewall. The flow of all traffic to and from the firewall implementation must be monitored and controlled so this information does not introduce any unacceptable risk to the network or the firewall. Example: An IPS sensor may detect an event and update the network firewall ACL.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text (C-SRG-NET-000019-FW-000018_chk)
View each firewall's configuration. Verify communication between the firewall and other network elements is configured to allow only explicitly authorized devices to access, monitor, or modify the firewall.

If the firewall is not configured to enforce approved authorizations for controlling the flow of information between interconnected systems in accordance with applicable policy, this is a finding.
Fix Text (F-SRG-NET-000019-FW-000018_fix)
Remove configuration information for unauthorized network devices from the communication functionality of the firewall.
Explicitly configure authorized devices in the communication functionality of the firewall.
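
One way to automate the check and fix above, as an added example that is not part of the SRG: a Python audit that compares each device permitted to access, monitor, or modify the firewall against an approved-authorization list. The config syntax (`<function> permit <source>`), the function names, and all addresses are constructed assumptions; adapt the parser to the vendor's actual configuration format.

```python
import ipaddress

# Assumption: the site's approved authorizations, keyed by a hypothetical function name.
APPROVED = {
    "ssh-admin": ["10.10.5.0/28"],
    "snmp-poll": ["10.10.6.20/32"],
    "ips-acl-update": ["10.10.7.5/32"],  # e.g. the IPS sensor that updates the ACL
}

# Constructed, vendor-neutral config excerpt: "<function> permit <source>"
SAMPLE_CONFIG = """\
# management-plane peers (constructed sample)
ssh-admin permit 10.10.5.3
ssh-admin permit 192.168.50.9
snmp-poll permit 10.10.6.0/24
ips-acl-update permit 10.10.7.5
syslog-pull permit 10.10.8.1
"""

def parse_peers(text):
    """Yield (line_no, function, network) for every permit entry."""
    for n, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 3 or parts[1] != "permit":
            raise ValueError(f"line {n}: unrecognized entry {line!r}")
        yield n, parts[0], ipaddress.ip_network(parts[2], strict=False)

def audit(text, approved):
    """Return (findings, missing): entries to remove, approved devices to add."""
    allowed = {f: [ipaddress.ip_network(a) for a in nets]
               for f, nets in approved.items()}
    findings, seen = [], set()
    for n, func, net in parse_peers(text):
        # Authorized only if fully contained in an approved range for the SAME
        # function; a broader range (or 0.0.0.0/0) is therefore a finding.
        matches = [a for a in allowed.get(func, [])
                   if a.version == net.version and net.subnet_of(a)]
        if matches:
            seen.update((func, a) for a in matches)
        else:
            findings.append((n, func, str(net)))
    missing = [(f, str(a)) for f, nets in allowed.items()
               for a in nets if (f, a) not in seen]
    return findings, missing

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG, APPROVED))
```

Any entry in `findings` corresponds to the first fix step (remove unauthorized devices); any entry in `missing` corresponds to the second (explicitly configure authorized devices).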