Application Layer Gateway Security Requirements Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

SRG-NET-000233

Group

Show

The ALG must recognize only system-generated session identifiers.

<VulnDiscussion>Network elements (depending on function) utilize sessions and session identifiers to control application behavior and user ac...

Rule Medium Severity

Show

SRG-NET-000234

Group

Show

The ALG must generate unique session identifiers using a FIPS 140-2 approved random number generator.

<VulnDiscussion>Sequentially generated session IDs can be easily guessed by an attacker. Employing the concept of randomness in the generatio...

Rule Medium Severity

Show

SRG-NET-000235

Group

Show

The ALG must fail to a secure state upon failure of initialization, shutdown, or abort actions.

<VulnDiscussion>Failure to a known safe state helps prevent systems from failing to a state that may cause loss of data or unauthorized acces...

Rule Medium Severity

Show

SRG-NET-000236

Group

Show

The ALG that is part of a CDS must block the transfer of data with malformed security attribute metadata structures.

<VulnDiscussion>Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is informatio...

Rule Medium Severity

Show

In the event of a system failure of the ALG function, the ALG must save diagnostic information, log system messages, and load the most current security policies, rules, and signatures when restarted.

<VulnDiscussion>Failure in a secure state can address safety or security in accordance with the mission needs of the organization. Failure to...

Rule Medium Severity

Show

SRG-NET-000246

Group

Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity

Modules