Router Security Requirements Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces.
<VulnDiscussion>The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ...Rule Medium Severity -
SRG-NET-000362
<GroupDescription></GroupDescription>Group -
The Multicast Source Discovery Protocol (MSDP) router must be configured to only accept MSDP packets from known MSDP peers.
<VulnDiscussion>MSDP peering with customer network routers presents additional risks to the DISN Core, whether from a rogue or misconfigured ...Rule Medium Severity -
SRG-NET-000365
<GroupDescription></GroupDescription>Group -
The BGP router must be configured to use the maximum prefixes feature to protect against route table flooding and prefix de-aggregation attacks.
<VulnDiscussion>The effects of prefix de-aggregation can degrade router performance due to the size of routing tables and also result in blac...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules