UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must uniquely authenticate source domains for information transfer.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000025-NDM-NA SRG-NET-000025-NDM-NA SRG-NET-000025-NDM-NA_rule Medium
Description
Identifying source address for information flows within the network allows forensic reconstruction of events when required, and increases policy compliance by attributing policy violations to specific individuals. Means to enforce this enhancement include ensuring the network device authenticates the source involved in sending information. Network device policies or rules may be configured to allow a source subnet or IP address range, and a possible destination of ANY, but the monitoring, logging, and auditing mechanism must identify the specific source and destination IP addresses and ports/protocols and, if configured, the source and destination DNS. Examples of information transfer for the network device are communications with the router, IPS, or central logging server. Without unique identifiers, the audit records of these information transfers would not be useful when tracking possible violations. This requirement is applicable to specific devices and does not involve the management of a network device.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000025-NDM-NA_chk )
This requirement is NA for network device management.
Fix Text (F-SRG-NET-000025-NDM-NA_fix)
This requirement is NA for network device management.