The network element must route organizationally defined internal communications traffic destined for organizationally defined external networks through authenticated application firewalls (application proxy servers) at managed interfaces.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000203-RTR-NA | SRG-NET-000203-RTR-NA | SRG-NET-000203-RTR-NA_rule | Medium |
| Description |
|---|
| A proxy server is designed to hide the identity of the client when making a connection to a server on the outside of its network such as a web server, web mail, and chat rooms. This prevents any hackers on the outside from learning IP addresses within the private network. With a proxy acting as the mediator, the client does not interact directly with the servers it is connecting to--the-proxy server is in the middle handling both sides of the session. Hence, all routing devices must forward traffic to the appropriate proxy to filter the traffic and initiate the sessions with the external server. This requirement is applicable to network devices such as firewalls and is not applicable to the routing function. |
| STIG | Date |
|---|---|
| Router Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000203-RTR-NA_chk ) |
|---|
| This requirement is NA for router. |
| Fix Text (F-SRG-NET-000203-RTR-NA_fix) |
|---|
| This requirement is NA for router. |