UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall implementation must not enable the service or feature that automatically contacts the vendor.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000131-FW-000223 SRG-NET-000131-FW-000223 SRG-NET-000131-FW-000223_rule Medium
Description
"Call home" services or features will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. However, using this capability introduces the risk of transmission of sensitive data to unauthorized persons. The call home capability may not exist on a specific device and is rarely enabled by default.
STIG Date
Firewall Security Requirements Guide 2014-07-07

Details

Check Text ( C-SRG-NET-000131-FW-000223_chk )
Review the configuration of the firewall implementation. Verify the call home service or feature is disabled on the device. This may be a capability that is not enabled by default. If it is enabled, this is a finding.
Fix Text (F-SRG-NET-000131-FW-000223_fix)
Configure the network device to disable the call home service or feature. This may be a capability that is not enabled by default; if it is not, do not enable it.