
Juniper SRX Services Gateway ALG Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000015-ALG-000016

    Group
  • SRG-NET-000492-ALG-000027

    Group
  • SRG-NET-000493-ALG-000028

    Group
  • SRG-NET-000333-ALG-000049

    Group
  • The Juniper SRX Services Gateway Firewall must be configured to support centralized management and configuration of the audit log.

    Without the ability to centrally manage the content captured in the audit records, identification, troubleshooting, and correlation of suspicious behavior would be difficult and could lead to a del...
    Rule Medium Severity
  • SRG-NET-000089-ALG-000055

    Group
  • SRG-NET-000131-ALG-000085

    Group
  • SRG-NET-000131-ALG-000086

    Group
  • SRG-NET-000131-ALG-000086

    Group
  • The Juniper SRX Services Gateway Firewall must not be configured as a DNS proxy since providing this network service is unrelated to the role as a Firewall.

    Information systems are capable of providing a wide variety of functions (capabilities or processes) and services. Some of these functions and services are installed and enabled by default. The org...
    Rule Medium Severity
  • SRG-NET-000131-ALG-000086

    Group
  • SRG-NET-000132-ALG-000087

    Group
  • SRG-NET-000213-ALG-000107

    Group
  • SRG-NET-000362-ALG-000112

    Group
  • SRG-NET-000362-ALG-000120

    Group
  • The Juniper SRX Services Gateway Firewall must implement load balancing on the perimeter firewall, at a minimum, to limit the effects of known and unknown types of denial-of-service (DoS) attacks on the network.

    If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Load balancing provides service redundancy, which reduces the susceptibility of the A...
    Rule Medium Severity
  • SRG-NET-000362-ALG-000126

    Group
  • The Juniper SRX Services Gateway Firewall must protect against known types of denial-of-service (DoS) attacks by implementing signature-based screens.

    If the network does not provide safeguards against DoS attacks, network resources will be unavailable to users. Installation of content filtering gateways and application layer firewalls at key bou...
    Rule High Severity
  • SRG-NET-000192-ALG-000121

    Group
  • The Juniper SRX Services Gateway Firewall must block outbound traffic containing known and unknown denial-of-service (DoS) attacks to protect against the use of internal information systems to launch any DoS attacks against other networks or endpoints.

    DoS attacks can take multiple forms but have the common objective of overloading or blocking a network or host to deny or seriously degrade performance. If the network does not provide safeguards a...
    Rule Medium Severity
