Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The firewall implementation must only allow incoming communications from authorized sources routed to authorized destinations.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000364-FW-000237 | SRG-NET-000364-FW-000237 | SRG-NET-000364-FW-000237_rule | Medium |
| Description |
|---|
| Unauthorized traffic is untrusted traffic and may be malicious. Traffic originating from unauthorized sources may be hostile and pose a threat to an enclave or to other connected networks. Traffic originating from authorized sources but connecting to unauthorized destinations may be the result of compromised external hosts. Additionally, unrestricted traffic may transit a network, which uses bandwidth and other resources. Therefore, all expected traffic must be identified by application, endpoints, protocol, and port and then vetted. Only those connections (or traffic flows) which are essential and approved must be allowed. The firewall or other device implementing an Access Control List must only allow traffic from authorized sources to authorized destinations. Sources and destinations should be as specifically identified as possible. All other inbound and outbound traffic must be denied by default. |
| STIG | Date |
|---|---|
| Firewall Security Requirements Guide | 2014-07-07 |
Details
| Check Text ( C-SRG-NET-000364-FW-000237_chk ) |
|---|
| Review the configuration of the firewall implementation and the system documentation and verify that only traffic from authorized sources to authorized destinations is allowed. If any source and destination combination is allowed that is not specifically authorized, this is a finding. |
| Fix Text (F-SRG-NET-000364-FW-000237_fix) |
|---|
| Configure the firewall implementation to only allow traffic from authorized sources to authorized destinations. |