Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000222-FW-NA | SRG-NET-000222-FW-NA | SRG-NET-000222-FW-NA_rule | Low |
Description |
---|
Cryptography is only as strong as the encryption modules/algorithms employed to encrypt the data. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. FIPS 140-2 Security Requirements for Cryptographic Modules can be found at the following web site: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf. Although individuals may have a security clearance, they may not have a need to know and are required to be separated from the information in question. Applications must employ FIPS validated cryptography to protect unclassified information from those individuals who do not have a need to know. Only authorized system administrators with necessary access approvals are allowed to access the firewall. The firewall management interface is connected only to the restricted management network. Encryption for the purpose of traffic separation is not applicable. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2012-12-10 |
Check Text ( C-SRG-NET-000222-FW-NA_chk ) |
---|
This requirement is NA for firewall. No fix required. |
Fix Text (F-SRG-NET-000222-FW-NA_fix) |
---|
This requirement is NA for firewall. No fix required. |