The firewall implementation must enforce the organizationally defined time period over which the number of invalid login attempts are counted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000039-FW-000034 | SRG-NET-000039-FW-000034 | SRG-NET-000039-FW-000034_rule | Medium |
| Description |
|---|
| To reduce the risk of successful malicious login attempts, the firewall implementation must define the time period over which the number of failed login attempts (CCI-000044) is counted before enforcement action is taken. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-000039-FW-000034_chk ) |
|---|
| Review the firewall configuration for both the local and network connections to determine whether the setting for the time period over which the number of invalid login attempts is counted is configured and enforced. If the firewall is not configured to enforce the organizationally defined limit of consecutive invalid login attempts, this is a finding. |
| Fix Text (F-SRG-NET-000039-FW-000034_fix) |
|---|
| Configure the firewall implementation to enforce the organizationally defined time period over which the number of invalid login attempts is counted. |