The network device must maintain the integrity of information during aggregation and encapsulation in preparation for transmission.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000209-NDM-000152	SRG-NET-000209-NDM-000152	SRG-NET-000209-NDM-000152_rule		Low

Description
This control applies to communications across internal and external networks. The network device must employ cryptographic mechanisms to recognize changes to information while preparing information for transmission unless the transmission is otherwise protected by alternative physical measures. If connectivity is provided by a commercial service provider rather than a dedicated service, obtaining the necessary assurances regarding the implementation of needed security controls for transmission integrity may not be possible. Without cryptographic integrity controls, information traveling over commercial networks could be altered or compromised during transmission. Therefore, these controls must be obtained from the service provider using appropriate contracting vehicles. If this is not feasible, then the organization will implement physical or logical compensating security controls.

Description

This control applies to communications across internal and external networks. The network device must employ cryptographic mechanisms to recognize changes to information while preparing information for transmission unless the transmission is otherwise protected by alternative physical measures. If connectivity is provided by a commercial service provider rather than a dedicated service, obtaining the necessary assurances regarding the implementation of needed security controls for transmission integrity may not be possible. Without cryptographic integrity controls, information traveling over commercial networks could be altered or compromised during transmission. Therefore, these controls must be obtained from the service provider using appropriate contracting vehicles. If this is not feasible, then the organization will implement physical or logical compensating security controls.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000209-NDM-000152_chk )
Verify the network device maintains the integrity of information during aggregation and encapsulation in preparation for transmission. If the network device does not maintain the integrity of information during aggregation and encapsulation in preparation for transmission, this is a finding.

Fix Text (F-SRG-NET-000209-NDM-000152_fix)
Configure the network device to maintain the integrity of information during aggregation and encapsulation in preparation for transmission.