The firewall implementation must be configured to detect the presence of unauthorized software on organizational information systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-37213 | SRG-NET-000181-FW-000104 | SV-48974r1_rule | Medium |
| Description |
|---|
| The firewall monitors the network for known vulnerabilities and malicious software, such as Trojan horses, hacker tools, DDoS agents, and spyware. Many of these vulnerabilities may not be detected by anti-virus software or host-based intrusion detection systems. Unauthorized software may contain malware or malicious code which may be exploited by an attacker to gain access. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2013-04-24 |
Details
| Check Text ( C-45523r1_chk ) |
|---|
| Verify the use of firewall ACLs or policy filters that monitor for unauthorized software. If firewall ACLs or policy filters are not used to monitor for unauthorized software use on organizational information systems, this is a finding. |
| Fix Text (F-42150r1_fix) |
|---|
| Configure the firewall implementation to detect unauthorized software. |