UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must be configured to prohibit or restrict network traffic in accordance with organizationally defined requirements for nonsecure ports, protocols, and/or services.


Overview

Finding ID Version Rule ID IA Controls Severity
V-37167 SRG-NET-000132-FW-000076 SV-48928r1_rule Medium
Description
DoD continually assesses the ports, protocols, and services that can be used for network communications. Some ports, protocols or services have known exploits or security weaknesses. Network traffic using these ports, protocols, and services must be prohibited or restricted in accordance with DoD policy. The firewall implementation is a key network element for preventing these non-compliant ports, protocols, and services from causing harm to DoD information systems. The network firewall implementation must be configured to prevent or restrict the use of prohibited ports, protocols, and services throughout the network by filtering the network traffic and disallowing or redirecting traffic as necessary.
STIG Date
Firewall Security Requirements Guide 2013-04-24

Details

Check Text ( C-45494r1_chk )
Verify the firewall implementation provides policy controls to disallow or allow with restrictions ports, protocols and services in accordance with the PPSM requirements.

If the firewall implementation does not monitor inbound and outbound network traffic on each interface, prohibiting and restricting ports, protocols, and/or services in accordance with the PPSM, this is a finding.
Fix Text (F-42104r1_fix)
Configure the firewall implementation to prohibit or restrict network traffic in accordance with organizationally defined requirements for nonsecure ports, protocols, and/or services.