UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

IBM z/VM must be protected by an external firewall that has a deny-all, allow-by-exception policy.


Overview

Finding ID Version Rule ID IA Controls Severity
V-78979 IBMZ-VM-002360 SV-93685r1_rule Medium
Description
Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Firewalls provide monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications.
STIG Date
IBM z/VM Using CA VM:Secure Security Technical Implementation Guide 2017-12-11

Details

Check Text ( C-78567r1_chk )
Ask the system administrator for a network system plan.

If there is no firewall defined for the IBM z/VM system, this is a finding.

If the firewall does not have a deny-all, allow-by-exception policy, this is a finding.
Fix Text (F-85729r1_fix)
Ensure that the network has a firewall installed that provides a deny-all, allow-by-exception protection for the IBM z/VM system.