The firewall implementation must notify the user of the number of unsuccessful login attempts occurring during an organizationally defined time period.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000051-FW-000041 | SRG-NET-000051-FW-000041 | SRG-NET-000051-FW-000041_rule | Low |
| Description |
|---|
| Providing users with information regarding the number of unsuccessful login attempts to the local device that have occurred over an organizationally defined time period. Without this information, the user may not become aware that unauthorized activity has occurred. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-000051-FW-000041_chk ) |
|---|
| Connect to the firewall. Note the number of unsuccessful login attempts occurring during an organizationally defined time period. If the number of unsuccessful login attempts that occur during an organizationally defined time period is not displayed, this is a finding. |
| Fix Text (F-SRG-NET-000051-FW-000041_fix) |
|---|
| Configure the firewall implementation to display the number of unsuccessful login attempts occurring during an organizationally defined time period. |