
The firewall implementation must be configured to perform organizationally defined actions in response to malicious code detection.


Overview

Finding ID: SRG-NET-000249-FW-000153
Version: SRG-NET-000249-FW-000153
Rule ID: SRG-NET-000249-FW-000153_rule
IA Controls: (none listed)
Severity: Medium
Description
Organizations may determine that in response to malicious code detection, different actions may be warranted for different situations. For example, the firewall may send different alerts, block malicious packets, block the IP address, or update the firewall depending on the capabilities of the implementation. Upon detection of traffic transporting malicious code, the firewall implementation must perform organizationally defined actions to notify or prevent malicious code from further impacting the network.
STIG: Firewall Security Requirements Guide
Date: 2012-12-10

Details

Check Text (C-SRG-NET-000249-FW-000153_chk)
Review the malicious code protection software installed on the firewall. Verify organizationally defined actions are performed upon the detection of malicious code.

If the firewall is not configured to perform organizationally defined actions when malicious code is detected, this is a finding.
Fix Text (F-SRG-NET-000249-FW-000153_fix)
Configure the firewall implementation to perform organizationally defined actions when malicious code is detected.