
The firewall implementation must employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest.


Overview

Finding ID: SRG-NET-000239-FW-000151
Version: SRG-NET-000239-FW-000151
Rule ID: SRG-NET-000239-FW-000151_rule
IA Controls: (none listed)
Severity: Medium
Description
This requirement is intended to address the confidentiality and integrity of system information at rest (e.g., firewall rule sets or ACLs) when it is located on a storage device within the firewall or as a component of the firewall implementation. This protection is required to prevent unauthorized disclosure of information when not stored directly on the firewall.
STIG Date
Firewall Security Requirements Guide 2012-12-10

Details

Check Text (C-SRG-NET-000239-FW-000151_chk)
Inspect the encryption configuration of the firewall implementation. Verify encryption is automatically used for all data at rest.

If the system is not configured to employ cryptographic mechanisms to prevent unauthorized disclosure of information at rest, this is a finding.
Fix Text (F-SRG-NET-000239-FW-000151_fix)
Open the device's management application and navigate to the encryption configuration screen.
Configure the device so encryption is automatically used for all data at rest.