Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-NET-000018-FW-000206 | SRG-NET-000018-FW-000206 | SRG-NET-000018-FW-000206_rule | | Medium |
Description |
---|
Without proper access control of traffic entering or leaving the server VLAN, threats such as denial of service, data corruption, or theft could occur, leaving authorized users unable to complete mission requirements. Protecting data residing in a server VLAN is necessary and can be accomplished by using access control lists on the VLANs provisioned for servers. |
STIG | Date |
---|---|
Firewall Security Requirements Guide | 2014-07-07 |
Check Text (C-SRG-NET-000018-FW-000206_chk) |
---|
Review the device configuration to validate that an ACL or rule set with a deny-by-default security posture has been implemented to protect the server VLAN. |
Fix Text (F-SRG-NET-000018-FW-000206_fix) |
---|
Configure an ACL or rule set to protect the server VLAN interface. The ACL or rule set must be in a deny-by-default security posture. |
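
One way to automate the check text above, as an added example that is not part of the SRG: a Python script that reads a device configuration and reports, per server VLAN interface, whether an ACL is applied and whether any entry defeats the deny-by-default posture. The SRG is vendor-neutral; the Cisco IOS-style syntax, the function names `parse` and `check_vlan`, and all ACL names, VLAN numbers and addresses in the sample are assumptions constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax (assumed); names and addresses are made up.
SAMPLE_CONFIG = """\
ip access-list extended SERVER-VLAN-IN
 permit tcp any host 10.10.20.5 eq 443
 deny ip any any log
ip access-list extended LEGACY-IN
 permit tcp any host 10.10.40.5 eq 80
 permit ip any any
interface Vlan20
 ip access-group SERVER-VLAN-IN in
interface Vlan40
 ip access-group LEGACY-IN in
interface Vlan50
interface Vlan60
 ip access-group MISSING-ACL in
"""

def parse(config):
    """Return ({acl: [entry word lists]}, {interface: {direction: acl}})."""
    acls, bindings, kind, name = {}, {}, None, None
    for line in filter(str.strip, config.splitlines()):
        words = line.split()
        if not line[0].isspace():  # a top-level line opens a new section
            m = re.match(r"(ip access-list extended|interface) (\S+)", line)
            kind, name = m.groups() if m else (None, None)
            if kind == "interface":
                bindings[name] = {}
            elif kind:
                acls[name] = []
            continue
        if kind == "interface" and words[:2] == ["ip", "access-group"] and len(words) == 4:
            bindings[name][words[3]] = words[2]
        elif kind == "ip access-list extended" and words[0] in ("permit", "deny"):
            acls[name].append(words)
    return acls, bindings

def check_vlan(config, interface, direction="in"):
    """Return findings for one VLAN interface; an empty list means the check passes."""
    acls, bindings = parse(config)
    acl = bindings.get(interface, {}).get(direction)
    if acl is None:
        return [f"{interface}: no ACL applied ({direction})"]
    if not acls.get(acl):  # assumed IOS behaviour: an undefined or empty ACL filters nothing
        return [f"{interface}: ACL {acl} is applied but has no entries"]
    # IOS ends every ACL with an implicit deny; a blanket permit before it defeats the posture.
    return [f"{acl} entry {n}: 'permit ip any any' defeats deny-by-default"
            for n, e in enumerate(acls[acl], 1) if e[:4] == ["permit", "ip", "any", "any"]]
```

On the constructed sample, `Vlan20` passes, while `Vlan40`, `Vlan50` and `Vlan60` each return one finding (blanket permit, no ACL applied, and an applied ACL that is never defined).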