Skip to content
Catalogs
XCCDF
Application Layer Gateway (ALG) Security Requirements Guide (SRG)
SRG-NET-000022-ALG-000069
The ALG that is part of a CDS must allow privileged administrators to configure and make changes to all security policy filters that are used to enforce information flow control.
The ALG that is part of a CDS must allow privileged administrators to configure and make changes to all security policy filters that are used to enforce information flow control. An XCCDF Rule
The ALG that is part of a CDS must allow privileged administrators to configure and make changes to all security policy filters that are used to enforce information flow control.
Medium Severity
<VulnDiscussion>The use of security policy filters provides protection for the confidentiality of data by restricting the flow of data. The capability to configure policy filters allows the ALG to enforce more granular security policies to meet complex and changing mission needs.
Policy filters enforce organizational security policy as it pertains to controlling data flow. Security policy filters can address data structures and content. These filters may include dirty word filters, file type checking filters, structured data filters, unstructured data filters, metadata content filters, and hidden content filters.
The cross domain solution must be configured to restrict management access according to the privilege level the user has been granted. Authorization to configure security policies requires the highest privilege level. This control requires the device have the capability for privileged administrators to configure security filters and to reconfigure these policies as needed to support changes in security policy.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>