The network element must authenticate devices before establishing remote network connections using bidirectional authentication between cryptographically based devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000149-FW-NA	SRG-NET-000149-FW-NA	SRG-NET-000149-FW-NA_rule		Low

Description
This requirement addresses device to device authentication during remote network management sessions used to manage the firewall. A remote connection is any connection with a device communicating through an external network (e.g., the Internet). Remote management must be secured using cryptography; and authentication must use a bidirectional authentication method where each device is authenticated. Although, in some implementations, VPN connections terminate on the firewall, this is not part of the firewall functionality. Thus, authentication of remote access devices is out of scope for the firewall.

Description

This requirement addresses device to device authentication during remote network management sessions used to manage the firewall. A remote connection is any connection with a device communicating through an external network (e.g., the Internet). Remote management must be secured using cryptography; and authentication must use a bidirectional authentication method where each device is authenticated. Although, in some implementations, VPN connections terminate on the firewall, this is not part of the firewall functionality. Thus, authentication of remote access devices is out of scope for the firewall.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000149-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000149-FW-NA_fix)
This requirement is NA for firewall. No fix required.