Juniper Router RTR Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Juniper router must be configured to have Internet Control Message Protocol (ICMP) unreachable messages disabled on all external interfaces.
The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Host unreachable ICMP ...Rule Medium Severity -
SRG-NET-000362-RTR-000114
Group -
SRG-NET-000362-RTR-000115
Group -
The Juniper router must be configured to have Internet Control Message Protocol (ICMP) redirect messages disabled on all external interfaces.
The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Redirect ICMP messages...Rule Medium Severity -
SRG-NET-000078-RTR-000001
Group -
The Juniper router must be configured to log all packets that have been dropped.
Auditing and logging are key components of any security architecture. It is essential for security personnel to know what is being done or attempted to be done, and by whom, to compile an accurate ...Rule Low Severity -
SRG-NET-000076-RTR-000001
Group -
SRG-NET-000077-RTR-000001
Group -
The Juniper router must be configured to produce audit records containing information to establish the source of the events.
Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up to an outage or attack. In order to compile an accurate risk assessmen...Rule Medium Severity -
SRG-NET-000019-RTR-000001
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.