The network element must perform data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources when requested by client systems.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000302-FW-NA	SRG-NET-000302-FW-NA	SRG-NET-000302-FW-NA_rule		Low

Description
A recursive resolving or caching domain name system (DNS) server is an example of an information system that provides name/address resolution service for local clients. Authoritative DNS servers are examples of authoritative sources. Network elements that use technologies other than the DNS to map between host/service names and network addresses provide other means to enable clients to verify the authenticity and integrity of response data. This requirement is a function of the DNS and is not applicable to the firewall.

Description

A recursive resolving or caching domain name system (DNS) server is an example of an information system that provides name/address resolution service for local clients. Authoritative DNS servers are examples of authoritative sources. Network elements that use technologies other than the DNS to map between host/service names and network addresses provide other means to enable clients to verify the authenticity and integrity of response data. This requirement is a function of the DNS and is not applicable to the firewall.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000302-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000302-FW-NA_fix)
This requirement is NA for firewall. No fix required.