Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000191-FW-000117 | SRG-NET-000191-FW-000117 | SRG-NET-000191-FW-000117_rule | | Medium |
Description |
---|
A DoS attack against the firewall can leave the network without vital intrusion detection and prevention services, leaving the network and devices open to attack. A variety of technologies exist to limit or eliminate the effects of DoS attacks. The firewall implementation must help monitor for and filter certain types of packets to protect information system components on internal organizational networks from DoS attacks. Using multiple sensors and load balancers, increasing log capacity, and providing service redundancy may also reduce the firewall's susceptibility to DoS attacks. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2012-12-10 |
Check Text (C-SRG-NET-000191-FW-000117_chk) |
---|
Review the firewall to determine if it is configured to protect against and limit the effects of DoS attacks. If the firewall is not configured to limit DoS attacks, this is a finding. |
Fix Text (F-SRG-NET-000191-FW-000117_fix) |
---|
Configure the firewall implementation to protect against or limit the effects of DoS attacks. |