The firewall implementation must preserve organizationally defined system state information in the event of a system failure.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-37311	SRG-NET-000236-FW-000141	SV-49072r1_rule		Low

Description
Failure to a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving system state information facilitates system restart and return to the operational mode of the organization with less disruption of the network. Each site should have a failover solution in place in case of system fault.

Description

Failure to a known state can address safety or security in accordance with the mission needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving system state information facilitates system restart and return to the operational mode of the organization with less disruption of the network. Each site should have a failover solution in place in case of system fault.

STIG	Date
Firewall Security Requirements Guide	2013-04-24

Details

Check Text ( C-45559r1_chk )
Examine the configuration settings for hardware and/or application failover of the firewall. Verify the firewall is configured to preserve organizationally defined system state information upon failure. If the firewall implementation does not preserve organizationally defined system state information when a system failure occurs, this is a finding.

Fix Text (F-42236r1_fix)
Configure the system failover or hardware/software failure settings to preserve organizationally defined system state information in the event of a system failure.