Application Layer Gateway Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
- The ALG providing encryption intermediary services must use NIST FIPS-validated cryptography to implement encryption services.
  Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The network element must implement cryptographic modules adhering to the higher standa...
  Rule Medium Severity
- The ALG must off-load audit records onto a centralized log server in real time.
  Off-loading ensures audit information does not get overwritten if the limited audit storage capacity is reached and also protects the audit record in case the system/component being audited is comp...
  Rule Medium Severity
- The ALG must be configured in accordance with the security configuration settings based on DoD security policy and technology-specific security best practices.
  Configuring the network element to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security bas...
  Rule Medium Severity
- The ALG that provides intermediary services for FTP must inspect inbound and outbound FTP communications traffic for protocol compliance and protocol anomalies.
  Application protocol anomaly detection examines application layer protocols such as FTP to identify attacks based on observed deviations in the normal RFC behavior of a protocol or service. This ty...
  Rule Medium Severity
- The ALG providing user access control intermediary services must generate audit records when successful/unsuccessful attempts to access privileges occur.
  Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...
  Rule Medium Severity
- The ALG providing user access control intermediary services must provide the capability for users to directly initiate a session lock.
  A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but does not want to log out because of the temporar...
  Rule Medium Severity
- The ALG providing user access control intermediary services must automatically terminate a user session when organization-defined conditions or trigger events that require a session disconnect occur.
  Automatic session termination addresses the termination of user-initiated logical sessions in contrast to the termination of network connections that are associated with communications sessions (i....
  Rule Medium Severity
- The ALG must employ organization-defined controls by type of denial of service (DoS) to achieve the DoS objective.
  DoS events can occur due to a variety of internal and external causes, such as an attack by an adversary or a lack of planning to support organizational needs with respect to capacity and bandwidth...
  Rule Medium Severity
- The ALG must establish organization-defined alternate communications paths for system operations organizational command and control.
  An incident, whether adversarial- or nonadversarial-based, can disrupt established communications paths used for system operations and organizational command and control. Alternate communications p...
  Rule Medium Severity
- The ALG must implement signature based and/or nonsignature based malicious code protection mechanisms at system entry and exit points to detect and eradicate malicious code.
  System entry and exit points include firewalls, remote access servers, workstations, electronic mail servers, web servers, proxy servers, notebook computers, and mobile devices. Malicious code incl...
  Rule Medium Severity