F5 BIG-IP Advanced Firewall Manager Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000019-ALG-000018

    Group
  • The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

    Information flow control regulates where information is allowed to travel within a network and between interconnected networks. Blocking or restricting detected harmful or suspicious communications...
    Rule High Severity
  • SRG-NET-000074-ALG-000043

    Group
  • The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.

    Without establishing what type of event occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. Audit record content that may be nece...
    Rule Medium Severity
  • SRG-NET-000364-ALG-000122

    Group
  • The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations.

    Unrestricted traffic may contain malicious traffic that poses a threat to an enclave or to other connected networks. Additionally, unrestricted traffic may transit a network, which uses bandwidth a...
    Rule Medium Severity
  • SRG-NET-000380-ALG-000128

    Group
  • The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.

    A common vulnerability of network elements is unpredictable behavior when invalid inputs are received. This requirement guards against adverse or unintended system behavior caused by invalid inputs...
    Rule Medium Severity
