UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must not have unnecessary services and functions enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000131-NDM-NA SRG-NET-000131-NDM-NA SRG-NET-000131-NDM-NA_rule Medium
Description
Information systems are capable of providing a wide variety of functions (capabilities or processes) and services. Some of these functions and services are installed and enabled by default. The organization must determine which functions and services are required to perform the content filtering and other necessary core functionality for each component of the network device. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors. The primary functionality of a network device is the monitoring of internal and external perimeters of the network, allowing or disallowing access based on content filtering. The network device application suite may integrate related content filtering and analysis services and tools (e.g., IPS, proxy, malware inspection, or VPN). Services and capabilities which are unrelated to this primary functionality must not be installed (e.g., DNS, email client or server, ftp server, or web server). This is specific to the underlying Operating System of the network device and is not applicable for Network Device Management. It will be handled under the appropriate OS guidance.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000131-NDM-NA_chk )
This requirement is NA for network device management.
Fix Text (F-SRG-NET-000131-NDM-NA_fix)
This requirement is NA for network device management.