The firewall must apply egress filters to traffic that is outbound from the network through any internal interface.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-79471	SRG-NET-000364-FW-000032	SV-94177r2_rule		Medium

Description
If outbound communications traffic is not filtered, hostile activity intended to harm other networks or packets from networks destined to unauthorized networks may not be detected and prevented. Access control policies and access control lists implemented on devices, such as firewalls, that control the flow of network traffic ensure the flow of traffic is only allowed from authorized sources to authorized destinations. Networks with different levels of trust (e.g., the Internet) must be kept separated. This requirement addresses the binding of the egress filter to the interface/zone rather than the content of the egress filter.

Description

If outbound communications traffic is not filtered, hostile activity intended to harm other networks or packets from networks destined to unauthorized networks may not be detected and prevented. Access control policies and access control lists implemented on devices, such as firewalls, that control the flow of network traffic ensure the flow of traffic is only allowed from authorized sources to authorized destinations. Networks with different levels of trust (e.g., the Internet) must be kept separated. This requirement addresses the binding of the egress filter to the interface/zone rather than the content of the egress filter.

STIG	Date
Firewall Security Requirements Guide	2018-12-24

Details

Check Text ( None )
None

Fix Text (None)
None