The network element must disable the use of organizationally defined networking protocols deemed non-secure, except for explicitly identified components in support of specific operational requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000067-RTR-NA	SRG-NET-000067-RTR-NA	SRG-NET-000067-RTR-NA_rule		Low

Description
Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Some networking protocols that allow remote access may not meet security requirements to protect data and components. The organization can either make a determination as to the relative security of the networking protocol or base the security decision on the assessment of other entities. This requirement is applicable to remote access and is not applicable to the routing function.

Description

Remote access is any access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Examples of remote access methods include dial-up, broadband, and wireless. Some networking protocols that allow remote access may not meet security requirements to protect data and components. The organization can either make a determination as to the relative security of the networking protocol or base the security decision on the assessment of other entities. This requirement is applicable to remote access and is not applicable to the routing function.

STIG	Date
Router Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000067-RTR-NA_chk )
This requirement is NA for router.

Fix Text (F-SRG-NET-000067-RTR-NA_fix)
This requirement is NA for router.