Application Layer Gateway (ALG) Security Requirements Guide (SRG)
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000512-ALG-000062
<GroupDescription></GroupDescription>Group -
The ALG must be configured in accordance with the security configuration settings based on DoD security policy and technology-specific security best practices.
<VulnDiscussion>Configuring the network element to implement organization-wide security implementation guides and security checklists ensures...Rule Medium Severity -
SRG-NET-000512-ALG-000064
<GroupDescription></GroupDescription>Group -
The ALG that provides intermediary services for SMTP must inspect inbound and outbound SMTP and Extended SMTP communications traffic for protocol compliance and protocol anomalies.
<VulnDiscussion>Application protocol anomaly detection examines application layer protocols such as SMTP to identify attacks based on observe...Rule Medium Severity -
SRG-NET-000512-ALG-000065
<GroupDescription></GroupDescription>Group -
The ALG that intermediary services for FTP must inspect inbound and outbound FTP communications traffic for protocol compliance and protocol anomalies.
<VulnDiscussion>Application protocol anomaly detection examines application layer protocols such as FTP to identify attacks based on observed...Rule Medium Severity -
SRG-NET-000512-ALG-000066
<GroupDescription></GroupDescription>Group -
The ALG that is part of a CDS, when transferring information between different security domains, must use organization-defined data type identifiers to validate data essential for information flow decisions.
<VulnDiscussion>Information flow decisions based on invalid data may allow unintended and unauthorized data flows, and therefore risk the con...Rule Medium Severity -
SRG-NET-000282-ALG-000071
<GroupDescription></GroupDescription>Group -
The ALG that provides intermediary services for HTTP must inspect inbound and outbound HTTP traffic for protocol compliance and protocol anomalies.
<VulnDiscussion>Application protocol anomaly detection examines application layer protocols such as HTTP to identify attacks based on observe...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.