The firewall implementation must provide automated support for the management of distributed security testing.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000270-FW-000157	SRG-NET-000270-FW-000157	SRG-NET-000270-FW-000157_rule		Low

Description
The need to verify security functionality is necessary to ensure the firewall's defense is enabled. To scale the deployment of the verification process, the firewall implementation must provide automated support for the management of distributed security testing. This control addresses security verification during network state changes. The firewall can be configured to automatically provide logs to other devices on the network to be used for security verification processes.

Description

The need to verify security functionality is necessary to ensure the firewall's defense is enabled. To scale the deployment of the verification process, the firewall implementation must provide automated support for the management of distributed security testing. This control addresses security verification during network state changes. The firewall can be configured to automatically provide logs to other devices on the network to be used for security verification processes.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000270-FW-000157_chk )
Verify the firewall is configured to provide automatic support of the site's distributed security testing systems. If the system is not configured to provide automated support for the management of distributed security testing, this is a finding.

Fix Text (F-SRG-NET-000270-FW-000157_fix)
Configure the firewall implementation to support the site's distributed security testing systems.