The out-of-band management (OOBM) gateway router must be configured to forward only authorized management traffic to the Network Operations Center (NOC).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-207142 | SRG-NET-000205-RTR-000010 | SV-207142r604135_rule | Medium |
| Description |
| STIG | Date |
| Router Security Requirements Guide | 2024-05-28 |
Details
| Check Text (C-7403r382409_chk) |
| This requirement is not applicable for the DoDIN Backbone. Review the network topology diagram to determine connectivity between the managed network and the NOC. Review the OOBM gateway router configuration to validate the path that the management traffic traverses. Verify that only management traffic is forwarded through the OOBM interface or IPsec tunnel. If traffic other than authorized management traffic is permitted through the OOBM interface or IPsec tunnel, this is a finding. |
| Fix Text (F-7403r382410_fix) |
| This requirement is not applicable for the DoDIN Backbone. Configure filters based on port, source IP address, and destination IP address to permit only authorized management traffic into IPsec tunnels or the OOBM interface used for forwarding management data. |