Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-237440 | SCOM-SC-000002 | SV-237440r643966_rule | | Medium |
Description |
---|
To prevent a DDoS, a firewall that inspects and drops packets must be configured. |
STIG | Date |
---|---|
Microsoft SCOM Security Technical Implementation Guide | 2021-03-15 |
Check Text ( C-40659r643964_chk ) |
---|
The steps in this check will vary based on the host-based firewall being used in the environment. For Windows Firewall, type wf.msc. Verify that the firewall is set to On. Click on Inbound rules and verify that there are no any-any allow rules in any profile. If McAfee is installed, it will be visible in the system tray. Verify with a McAfee administrator that there are no any-any rules allowing full access. If no host-based firewall is installed, or a host-based firewall is configured to allow all traffic inbound, this is a finding. |
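
The Windows Firewall part of this check can be scripted. The following is an added example, not part of the STIG: the function name `Test-HostFirewallAnyAny` is hypothetical, and it assumes "any-any" means an enabled inbound Allow rule with no address, protocol, port, program or service restriction.

```powershell
# Added example: audits Windows Firewall for the conditions named in the check text.
# Assumption: "any-any" = enabled inbound Allow rule whose filters are all 'Any'.
# Run from an elevated session; ActiveStore includes rules delivered by Group Policy.
function Test-HostFirewallAnyAny {   # hypothetical helper name
    $findings = @()
    $store = 'ActiveStore'

    # 1. Every profile must be On and must not allow inbound traffic by default.
    foreach ($p in Get-NetFirewallProfile -PolicyStore $store) {
        if ($p.Enabled -ne 'True') {
            $findings += "Profile $($p.Name): firewall is Off"
        }
        if ($p.DefaultInboundAction -eq 'Allow') {
            $findings += "Profile $($p.Name): default inbound action is Allow"
        }
    }

    # 2. Flag enabled inbound Allow rules in which every filter is left at 'Any'.
    $rules = Get-NetFirewallRule -PolicyStore $store -Direction Inbound -Action Allow -Enabled True
    foreach ($r in $rules) {
        $addr = Get-NetFirewallAddressFilter     -PolicyStore $store -AssociatedNetFirewallRule $r
        $port = Get-NetFirewallPortFilter        -PolicyStore $store -AssociatedNetFirewallRule $r
        $app  = Get-NetFirewallApplicationFilter -PolicyStore $store -AssociatedNetFirewallRule $r
        $svc  = Get-NetFirewallServiceFilter     -PolicyStore $store -AssociatedNetFirewallRule $r

        $unrestricted = ($addr.RemoteAddress -contains 'Any') -and
                        ($addr.LocalAddress  -contains 'Any') -and
                        ($port.Protocol  -eq 'Any') -and
                        ($port.LocalPort -contains 'Any') -and
                        ($app.Program -eq 'Any') -and
                        ($svc.Service -eq 'Any')
        if ($unrestricted) {
            $findings += "Rule '$($r.DisplayName)' (profile: $($r.Profile)): any-any inbound allow"
        }
    }
    return $findings
}

$result = Test-HostFirewallAnyAny
if ($result.Count -eq 0) { 'No Windows Firewall finding detected.' }
else { $result }
```

A third-party host firewall such as McAfee is not covered by these cmdlets and still has to be verified with its administrator, as the check text states.
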
Fix Text (F-40622r643965_fix) |
---|
Configure a host-based firewall based on the organization's standards. A full list of ports needed for SCOM to function properly can be found here: https://docs.microsoft.com/en-us/system-center/scom/plan-security-config-firewall?view=sc-om-2019. |