The firewall implementation must uniquely authenticate destination domains for information transfer.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-37070 | SRG-NET-000027-FW-000026 | SV-48831r1_rule | Medium |
| Description |
|---|
| Identifying destination address for information flows within the network allows forensic reconstruction of events when required, and increases policy compliance by attributing policy violations to specific individuals. Means to enforce this enhancement include ensuring the network element authenticates the source involved in receiving information. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2013-04-24 |
Details
| Check Text ( C-45443r1_chk ) |
|---|
| Review the firewall configuration to verify the firewall uniquely authenticates the destination domain (e.g., IP address) of information transfer sessions. If the firewall implementation does not uniquely authenticate destination domains for information transfer, this is a finding. |
| Fix Text (F-42016r1_fix) |
|---|
| Configure the firewall implementation to uniquely authenticate destination domains for information transfer. |