Skip to content
Log In

Juniper EX Series Switches Router Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-NET-000205-RTR-000002

    Group
    Show

  • The Juniper router must be configured to drop all fragmented Internet Control Message Protocol (ICMP) packets destined to itself.

    Fragmented ICMP packets can be generated by hackers for denial-of-service (DoS) attacks such as Ping O' Death and Teardrop. It is imperative that all fragmented ICMP packets are dropped.
    Rule Medium Severity
    Show

  • SRG-NET-000205-RTR-000003

    Group
    Show

  • SRG-NET-000205-RTR-000004

    Group
    Show

  • The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction.

    Firewall filters are used to separate data traffic into that which it will route (permitted packets) and that which it will not route (denied packets). Secure configuration of routers makes use of ...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules