UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must connect to external networks only through managed interfaces consisting of boundary protection devices arranged in accordance with organizational security architecture.


Overview

Finding ID Version Rule ID IA Controls Severity
V-37292 SRG-NET-000206-FW-000122 SV-49053r1_rule Low
Description
The firewall will build a state to allow return traffic for all initiated traffic that was allowed outbound. Monitoring and filtering the outbound traffic adds a layer of protection to the enclave, in addition to being a good Internet citizen by preventing your network from being used as an attack base. All network elements must be configured to ensure all traffic is forwarded through the perimeter security infrastructure when sending traffic to external destinations.
STIG Date
Firewall Security Requirements Guide 2013-04-24

Details

Check Text ( C-45539r1_chk )
Review the configuration for each active interface on the firewall.
Verify each interface has an inbound and/or outbound ACL or policy filter.

If external, active firewall interfaces do not have ACL or policy filters applied, this is a finding.
Fix Text (F-42217r1_fix)
Configure each active interface on the firewall with an inbound and/or outbound ACL or policy filter.