Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Juniper router must not be configured to have any feature enabled that calls home to the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254000 | JUEX-RT-000280 | SV-254000r844033_rule | Medium |
| Description |
|---|
| Call home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. |
| STIG | Date |
|---|---|
| Juniper EX Series Switches Router Security Technical Implementation Guide | 2024-06-10 |
Details
| Check Text ( C-57452r844031_chk ) |
|---|
| Verify the call home service is disabled on the device. Verify [edit system] does NOT contain a phone-home hierarchy as shown: [edit system] host-name : : phone-home { server https:// rfc-compliant; } If a call home service is enabled, this is a finding. |
| Fix Text (F-57403r844032_fix) |
|---|
| Configure the network device to disable the call home service or feature. Delete the phone-home hierarchy under [edit system]. delete system phone-home Note: Because the command is hidden, Junos will not autocomplete and "phone-home" must be explicitly, and correctly, spelled out. |