Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must limit the use of resources by priority.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-37223 | SRG-NET-000194-FW-000111 | SV-48984r1_rule | Medium |
| Description |
|---|
| Priority protection helps prevent a lower priority process from delaying or interfering with the information system servicing any higher-priority process. If priority protection is not implemented, network congestion may result in poor network service because priority traffic may be delayed or dropped, and this in turn could result in a denial of service condition. This control refers to the functionality of the firewall application and is normally a function of system design. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2013-04-24 |
Details
| Check Text ( C-45530r2_chk ) |
|---|
| Review the firewall documentation and system configuration to determine if resource prioritization is implemented as part of the firewall application. If the system is not configured to prioritize resources, this is a finding. |
| Fix Text (F-42160r1_fix) |
|---|
| Configure the firewall implementation to protect against or limit the effects of denial of service attacks by implementing risk mitigation solutions (e.g., multiple/distributed firewalls, load balancers, increasing log capacity, and/or providing service redundancy). |