The firewall implementation must use automated mechanisms to restrict the use of maintenance tools to authorized personnel only.


Overview

Finding ID: SRG-NET-000172-FW-000106
Version: SRG-NET-000172-FW-000106
Rule ID: SRG-NET-000172-FW-000106_rule
IA Controls:
Severity: Medium
Description
This requirement addresses security-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Maintenance tools include hardware/software diagnostic test equipment and hardware/software packet sniffers. Maintenance tools connecting to a firewall may contain malware or insert unauthorized capabilities; therefore, their use must be restricted to authorized personnel.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text (C-SRG-NET-000172-FW-000106_chk)
Verify the firewall restricts the use of maintenance tools to authorized system administrators.

If the use of maintenance tools is not restricted to authorized personnel only, this is a finding.
Fix Text (F-SRG-NET-000172-FW-000106_fix)
Configure the firewall implementation to restrict access to maintenance tools for the firewall to authorized system administrators.