The firewall implementation must automatically implement organizationally defined safeguards and countermeasures if security functions or mechanisms are changed inappropriately.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000124-FW-000079	SRG-NET-000124-FW-000079	SRG-NET-000124-FW-000079_rule		Medium

Description
Changes to any software components of the firewall can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals are allowed administrative access to the firewall for implementing any changes or upgrades. In order to ensure a prompt response to unauthorized changes to firewall security functions, the organizations will define the safeguards the device must undertake in the event these changes occur.

Description

Changes to any software components of the firewall can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals are allowed administrative access to the firewall for implementing any changes or upgrades. In order to ensure a prompt response to unauthorized changes to firewall security functions, the organizations will define the safeguards the device must undertake in the event these changes occur.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000124-FW-000079_chk )
Verify organizationally defined prevention measures (safeguards) actions (countermeasures) are configured to occur when unauthorized changes are made to the security functions and mechanisms. If organizationally defined safeguards and countermeasures are not configured, this is a finding.

Fix Text (F-SRG-NET-000124-FW-000079_fix)
Configure organizationally defined safeguards and countermeasures (e.g., alerts) to occur when security functions or mechanisms are inappropriately changed.