IBM z/VM must be protected by an external firewall that has a deny-all, allow-by-exception policy.

Description

<VulnDiscussion>Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Firewalls provide monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>