Juniper EX Series Switches Router Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Juniper router must be configured to restrict traffic destined to itself.
<VulnDiscussion>The routing engine (RE) handles traffic destined to the router—the key component used to build forwarding paths and is also i...Rule High Severity -
SRG-NET-000205-RTR-000002
<GroupDescription></GroupDescription>Group -
The Juniper router must be configured to drop all fragmented Internet Control Message Protocol (ICMP) packets destined to itself.
<VulnDiscussion>Fragmented ICMP packets can be generated by hackers for denial-of-service (DoS) attacks such as Ping O' Death and Teardrop. I...Rule Medium Severity -
SRG-NET-000205-RTR-000003
<GroupDescription></GroupDescription>Group -
The Juniper perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.
<VulnDiscussion>Vulnerability assessments must be reviewed by the System Administrator, and protocols must be approved by the Information Ass...Rule Medium Severity -
SRG-NET-000205-RTR-000004
<GroupDescription></GroupDescription>Group -
The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction.
<VulnDiscussion>Firewall filters are used to separate data traffic into that which it will route (permitted packets) and that which it will n...Rule Medium Severity -
SRG-NET-000205-RTR-000005
<GroupDescription></GroupDescription>Group -
The Juniper perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction.
<VulnDiscussion>Firewall filters are used to separate data traffic into that which it will route (permitted packets) and that which it will n...Rule Medium Severity -
The Juniper PE router must be configured to block any traffic that is destined to IP core infrastructure.
<VulnDiscussion>IP/MPLS networks providing VPN and transit services must provide, at the least, the same level of protection against denial-o...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.