
Microsoft Windows Firewall with Advanced Security Security Technical Implementation Guide


Overview

Date: 2021-10-15
Finding Count (21): CAT I (High): 3, CAT II (Med): 9, CAT III (Low): 9

STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-242002 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a public network.
V-241997 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a private network.
V-241992 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a domain.
V-242009 Medium Inbound exceptions to the firewall on domain workstations must only allow authorized remote management hosts.
V-242003 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a public network.
V-242005 Medium The Windows Firewall with Advanced Security local connection rules must not be merged with Group Policy settings when connected to a public network.
V-242004 Medium The Windows Firewall with Advanced Security local firewall rules must not be merged with Group Policy settings when connected to a public network.
V-241998 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a private network.
V-241989 Medium The Windows Firewall with Advanced Security must be enabled when connected to a domain.
V-241990 Medium The Windows Firewall with Advanced Security must be enabled when connected to a private network.
V-241991 Medium The Windows Firewall with Advanced Security must be enabled when connected to a public network.
V-241993 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a domain.
V-242008 Low The Windows Firewall with Advanced Security must log successful connections when connected to a public network.
V-242001 Low The Windows Firewall with Advanced Security must log successful connections when connected to a private network.
V-242000 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a private network.
V-242007 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a public network.
V-242006 Low The Windows Firewall with Advanced Security log size must be configured for public network connections.
V-241999 Low The Windows Firewall with Advanced Security log size must be configured for private network connections.
V-241994 Low The Windows Firewall with Advanced Security log size must be configured for domain connections.
V-241995 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a domain.
V-241996 Low The Windows Firewall with Advanced Security must log successful connections when connected to a domain.