
The firewall implementation must protect against or limit the effects of Denial of Service (DoS) attacks.


Overview

Finding ID: SRG-NET-000191-FW-000117
Version: SRG-NET-000191-FW-000117
Rule ID: SRG-NET-000191-FW-000117_rule
IA Controls:
Severity: Medium
Description
A DoS attack against the firewall can leave the network without vital intrusion detection and prevention services, exposing the network and its devices to attack. A variety of technologies exist to limit or eliminate the effects of DoS attacks. The firewall implementation must help monitor for and filter certain types of packets to protect information system components on internal organizational networks from DoS attacks. Using multiple sensors and load balancers, increasing log capacity, and providing service redundancy may also reduce the firewall's susceptibility to DoS attacks.
STIG: Firewall Security Requirements Guide
Date: 2012-12-10

Details

Check Text (C-SRG-NET-000191-FW-000117_chk)
Review the firewall to determine if it is configured to protect against and limit the effects of DoS attacks.

If the firewall is not configured to limit DoS attacks, this is a finding.
Fix Text (F-SRG-NET-000191-FW-000117_fix)
Configure the firewall implementation to protect against or limit the effects of DoS attacks.