
The Juniper SRX Services Gateway must have the number of rollbacks set to 5 or more.


Overview

Finding ID: V-223204
Version: JUSX-DM-000087
Rule ID: SV-223204r513301_rule
IA Controls:
Severity: Low
Description
Backup of the configuration files allows recovery in case of corruption, misconfiguration, or catastrophic failure. The maximum number of rollbacks for the SRX is 50, while the default is 5, which is recommended as a best practice. Increasing the number of backup configurations increases disk usage and the number of files to manage. Organizations should not set the value to zero.
STIG: Juniper SRX SG NDM Security Technical Implementation Guide
Date: 2021-03-25

Details

Check Text (C-24877r513299_chk)
To view the current setting for the maximum number of rollbacks, enter the following command.

[edit]
show system max-configuration-rollbacks

If the number of backup configurations is not set to an organization-defined value of 5 or more, this is a finding.
Fix Text (F-24865r513300_fix)
To configure the number of backup configurations to be stored in the configuration partition, enter the following command at the configuration hierarchy, where <number> is the organization-defined value of 5 or more.

[edit]
set system max-configuration-rollbacks <number>
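
The check above can be run offline against saved configurations. The following is an added example, not part of the STIG: it assumes the configuration was exported as text in either hierarchical (`show configuration`) or `display set` form, and the function names and sample configurations are constructed for illustration. A deactivated statement is treated as not set, and the not-set case is reported separately so the reviewer can decide whether relying on the default meets the organization-defined requirement.

```python
import re

MINIMUM = 5  # threshold stated in the check text

SET_RE = re.compile(r"set\s+system\s+max-configuration-rollbacks\s+(\d+)")
DEACT_RE = re.compile(r"deactivate\s+system\s+max-configuration-rollbacks")
HIER_RE = re.compile(r"max-configuration-rollbacks\s+(\d+);")


def configured_rollbacks(config_text):
    """Return the active max-configuration-rollbacks value, or None if absent."""
    value, stack = None, []
    for raw in config_text.splitlines():
        line = raw.strip()
        m = SET_RE.fullmatch(line)
        if m:                              # "display set" form
            value = int(m.group(1))
        elif DEACT_RE.fullmatch(line):     # statement present but deactivated
            value = None
        elif line.endswith("{"):           # hierarchical form: enter a stanza
            stack.append(line[:-1].strip())
        elif line == "}":                  # leave a stanza
            if stack:
                stack.pop()
        elif stack == ["system"]:          # statement directly under "system"
            m = HIER_RE.fullmatch(line)    # "inactive: ..." lines do not match
            if m:
                value = int(m.group(1))
    return value


def evaluate(config_text):
    """Map a saved configuration to (status, value) for this rule."""
    value = configured_rollbacks(config_text)
    if value is None:
        return ("NOT_SET", None)           # device falls back to its default
    return ("PASS" if value >= MINIMUM else "FINDING", value)


# Constructed sample configurations (not taken from a real device).
SAMPLE_SET = "set system host-name srx-lab\nset system max-configuration-rollbacks 3\n"
SAMPLE_HIER = "system {\n    host-name srx-lab;\n    max-configuration-rollbacks 10;\n}\n"
SAMPLE_INACTIVE = "system {\n    inactive: max-configuration-rollbacks 10;\n}\n"
SAMPLE_DEACT = ("set system max-configuration-rollbacks 10\n"
                "deactivate system max-configuration-rollbacks\n")

if __name__ == "__main__":
    for name in ("SAMPLE_SET", "SAMPLE_HIER", "SAMPLE_INACTIVE", "SAMPLE_DEACT"):
        print(name, evaluate(globals()[name]))
```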