Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must use automated mechanisms to restrict the use of maintenance tools to authorized personnel only.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000172-FW-000106 | SRG-NET-000172-FW-000106 | SRG-NET-000172-FW-000106_rule | Medium |
| Description |
|---|
| This requirement addresses security-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Maintenance tools include hardware/software diagnostic test equipment and hardware/software packet sniffers. Maintenance tools connecting to a firewall may contain malware or insert unauthorized capabilities; therefore, their use must be restricted to authorized personnel. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2012-12-10 |
Details
| Check Text ( C-SRG-NET-000172-FW-000106_chk ) |
|---|
| Verify the firewall restricts the use of maintenance tools to authorized system administrators. If the use of maintenance tools is not restricted to authorized personnel only, this is a finding. |
| Fix Text (F-SRG-NET-000172-FW-000106_fix) |
|---|
| Configure the firewall implementation to restrict access to maintenance tools for the firewall to authorized system administrators. |