The firewall implementation must not have unnecessary services and capabilities enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000131-FW-000080 | SRG-NET-000131-FW-000080 | SRG-NET-000131-FW-000080_rule | Medium |
| Description |
|---|
| A compromised firewall introduces risk to the entire network infrastructure. A fundamental step in securing each firewall is to identify and disable services and capabilities that are not needed or are not secure. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-000131-FW-000080_chk ) |
|---|
| View the configuration and vendor documentation of the firewall application to find the minimum services which are required for operation of the firewall. Verify services and capabilities that are not needed are disabled. If unnecessary services and capabilities are enabled on the firewall, this is a finding. |
| Fix Text (F-SRG-NET-000131-FW-000080_fix) |
|---|
| Disable unneeded services and capabilities of the firewall application. |