Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-18648 | NET-TUNL-007 | SV-20240r2_rule | ECSC-1 | Medium |
Description |
---|
Having tunnels in a "permit any any" posture allows traffic to enter and exit the enclave without control from the Information Assurance team or SA. |
STIG | Date |
---|---|
Perimeter L3 Switch Security Technical Implementation Guide - Cisco | 2018-08-22 |
Check Text (C-22367r1_chk) |
---|
Follow the procedures defined in NET-TUNL-002 to determine all tunnel entry and exit points, then ensure each end-point is in a deny by default posture inbound and outbound. |
Fix Text (F-19293r1_fix) |
---|
Apply a deny by default posture on every tunnel end-point. |
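
One way to automate part of this check, as an added example that is not part of the STIG: a Python audit of a saved IOS configuration that reports every tunnel interface and direction lacking a filtering ACL. It assumes tunnel end-points appear as `interface Tunnel<n>` and are filtered with `ip access-group`; the sample configuration and the helper names `parse_sections` and `audit_tunnels` are constructed for illustration, and the NET-TUNL-002 discovery procedure is not reproduced here.

```python
import re

# Constructed sample config (assumption: named ACLs bound on the Tunnel interfaces).
SAMPLE_CONFIG = """\
interface Tunnel0
 ip access-group TUN0-IN in
 ip access-group TUN0-OUT out
interface Tunnel1
 ip access-group TUN1-IN in
ip access-list extended TUN0-IN
 permit tcp host 10.0.0.2 host 10.1.1.5 eq 443
ip access-list extended TUN0-OUT
 permit tcp host 10.1.1.5 eq 443 host 10.0.0.2
ip access-list extended TUN1-IN
 10 permit ip any any
"""

ACCESS_GROUP = re.compile(r"ip access-group (\S+) (in|out)$")
PERMIT_ANY = re.compile(r"(\d+\s+)?permit\s+ip\s+any\s+any\b")

def parse_sections(config):
    sections, current = {}, None
    for line in config.splitlines():
        if line and not line[0].isspace():   # top-level line opens a section
            current = sections.setdefault(line.strip(), [])
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections

def audit_tunnels(config):
    """Return (interface, direction, problem) for tunnels not in deny-by-default."""
    sections = parse_sections(config)
    acls = {h.split()[-1]: b for h, b in sections.items() if h.startswith("ip access-list ")}
    findings = []
    for header, body in sections.items():
        if not re.match(r"interface Tunnel\d+$", header):
            continue
        bound = dict(m.group(2, 1) for m in map(ACCESS_GROUP.match, body) if m)
        for direction in ("in", "out"):
            acl = bound.get(direction)
            if acl is None:
                problem = "no ACL applied"
            elif acl not in acls:
                problem = f"ACL {acl} is not defined"
            elif any(PERMIT_ANY.match(e) for e in acls[acl]):
                problem = f"ACL {acl} contains permit ip any any"
            else:
                continue  # filtered; Cisco ACLs end in an implicit deny
            findings.append((header.split()[1], direction, problem))
    return findings
```

The script matches only the literal `permit ip any any` entry, so ACLs that pass this audit still need a manual review for other overly broad permits.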