Skip to content
Log In

Firewall Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The firewall must generate traffic log entries containing information to establish the source of the events, such as the source IP address at a minimum.

    Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In order to compile an accurate risk assessment...
    Rule Low Severity
    Show

  • SRG-NET-000078

    Group
    Show

  • The firewall must generate traffic log entries containing information to establish the outcome of the events, such as, at a minimum, the success or failure of the application of the firewall rule.

    Without information about the outcome of events, security personnel cannot make an accurate assessment as to whether an attack was successful or if changes were made to the security state of the ne...
    Rule Medium Severity
    Show

  • SRG-NET-000098

    Group
    Show

  • The firewall must be configured to use TCP when sending log records to the central audit server.

    If the default UDP protocol is used for communication between the hosts and devices to the Central Log Server, then log records that do not reach the log server are not detected as a data loss. The...
    Rule Medium Severity
    Show

  • SRG-NET-000099

    Group
    Show

  • SRG-NET-000100

    Group
    Show

  • The firewall must protect the traffic log from unauthorized deletion of local log files and log records.

    If audit data were to become compromised, forensic analysis and discovery of the true source of potentially malicious system activity would be impossible to achieve. To ensure the veracity of audi...
    Rule Medium Severity
    Show

  • SRG-NET-000131

    Group
    Show

  • The firewall must disable or remove unnecessary network services and functions that are not used as part of its role in the architecture.

    Network devices are capable of providing a wide variety of functions (capabilities or processes) and services. Some of these functions and services are installed and enabled by default. The organiz...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules