A firewall or router rule is not used to block all ingress and egress traffic from the enclave perimeter to the MFD or printer.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6779	MFD01.003	SV-7001r1_rule	DCBP-1	Medium

Description
Access to the MFD or printer from outside the enclave network could lead to a denial of service caused by a large number of large print files being sent to the device. Ability for the MFD or printer to access addresses outside the enclave network could lead to a compromise of sensitive data caused by forwarding a print file to a location outside of the enclave network. This is good defence in depth practice. The SA will ensure there is a firewall or router rule to block all ingress and egress traffic from the enclave perimeter to the MFD or printer.

Description

Access to the MFD or printer from outside the enclave network could lead to a denial of service caused by a large number of large print files being sent to the device. Ability for the MFD or printer to access addresses outside the enclave network could lead to a compromise of sensitive data caused by forwarding a print file to a location outside of the enclave network. This is good defence in depth practice. The SA will ensure there is a firewall or router rule to block all ingress and egress traffic from the enclave perimeter to the MFD or printer.

STIG	Date
Multifunction Device and Network Printers STIG	2015-12-18

Details

Check Text ( C-2954r1_chk )
The reviewer will interview the SA to verify that there is a firewall or router rule to block all ingress and egress traffic from the enclave perimeter to the MFD or printer.

Fix Text (F-6432r1_fix)
Ensure that there is a firewall or router rule to block all ingress and egress traffic from the enclave perimeter to the MFD or printer.