UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must employ FIPS-validated cryptography to protect information when such information must be separated from individuals who have the necessary clearances yet lack the necessary access approvals.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000222-FW-NA SRG-NET-000222-FW-NA SRG-NET-000222-FW-NA_rule Low
Description
Cryptography is only as strong as the encryption modules/algorithms employed to encrypt the data. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. FIPS 140-2 Security Requirements for Cryptographic Modules can be found at the following web site: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf. Although individuals may have a security clearance, they may not have a need to know and are required to be separated from the information in question. Applications must employ FIPS validated cryptography to protect unclassified information from those individuals who do not have a need to know. Only authorized system administrators with necessary access approvals are allowed to access the firewall. The firewall management interface is connected only to the restricted management network. Encryption for the purpose of traffic separation is not applicable.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text ( C-SRG-NET-000222-FW-NA_chk )
This requirement is NA for firewall. No fix required.
Fix Text (F-SRG-NET-000222-FW-NA_fix)
This requirement is NA for firewall. No fix required.