Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The router must connect to external networks only through managed interfaces consisting of boundary protection devices arranged in accordance with organizational security architecture.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000206-RTR-000110 | SRG-NET-000206-RTR-000110 | SRG-NET-000206-RTR-000110_rule | Medium |
| Description |
|---|
| The router will build a state to allow return traffic for all initiated traffic that is permitted outbound. Monitoring and filtering the outbound traffic adds a layer of protection to the enclave, by preventing a network from being used as an attack base. All routers must be configured to ensure all traffic is forwarded through the perimeter security infrastructure when sending traffic to external destinations. |
| STIG | Date |
|---|---|
| Router Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000206-RTR-000110_chk ) |
|---|
| Review the configuration for each active interface on the router. Verify each interface has an inbound and/or outbound filter. If external router interfaces do not have filters applied, this is a finding. |
| Fix Text (F-SRG-NET-000206-RTR-000110_fix) |
|---|
| Configure each active interface on the router with an inbound and/or outbound filter. |