UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The firewall must generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate.


Overview

Finding ID Version Rule ID IA Controls Severity
V-79431 SRG-NET-000493-FW-000007 SV-94137r1_rule Medium
Description
Without generating log records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Access for different security levels maintains separation between resources (particularly stored data) of different security domains. The firewall can be configured to use security zones that are configured with different security policies based on risk and trust levels. These zones can be leveraged to prevent traffic from one zone from sending packets to another zone. For example, information from certain IP sources will be rejected if the destination matches specified security zones that are not authorized.
STIG Date
Firewall Security Requirements Guide 2019-06-28

Details

Check Text ( C-79045r1_chk )
View the configuration of the firewall or the central audit server log records.

Verify the firewall generates traffic log records when attempts are made to send packets between security zones that are not authorized to communicate.

If the firewall does not generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate, this is a finding.
Fix Text (F-86203r1_fix)
Configure the firewall central audit server stanza to generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate.