UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

External connections to the network must be reviewed and the documentation updated semi-annually.


Overview

Finding ID Version Rule ID IA Controls Severity
V-8048 NET0135 SV-8534r4_rule Medium
Description
A network is only as secure as its weakest link. It is imperative that all external connections be reviewed and kept to a minimum needed for operations. All external connections should be treated as untrusted networks. Reviewing who or what the network is connected to empowers the security manager to make sound judgements and security recommendations. Minimizing backdoor circuits and connections reduces the risk for unauthorized access to network resources.
STIG Date
Network Infrastructure Policy Security Technical Implementation Guide 2017-12-07

Details

Check Text ( C-7429r5_chk )
Review the network topology and interview the ISSO to verify that external connections to the network are reviewed and documented on a semi-annual basis.

If there are any external connections that have not been documented, or if the connections are not reviewed on a semi-annual basis, this is a finding.
Fix Text (F-7623r3_fix)
Implement a semi-annual review process to document and account for external connections to the organization.