III - Administrative Classified
Rules and Groups employed by this XCCDF Profile
-
The firewall must generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate.
<VulnDiscussion>Without generating log records that are specific to the security and mission needs of the organization, it would be difficult...Rule Medium Severity -
SRG-NET-000364
<GroupDescription></GroupDescription>Group -
The firewall must be configured to inspect all inbound and outbound traffic at the application layer.
<VulnDiscussion>Application inspection enables the firewall to control traffic based on different parameters that exist within the packets su...Rule Medium Severity -
SRG-NET-000364
<GroupDescription></GroupDescription>Group -
The firewall must be configured to inspect all inbound and outbound IPv6 traffic for unknown or out-of-order extension headers.
<VulnDiscussion>IPv6 packets with unknown extension headers as well as out-of-order headers can create denial-of-service attacks for other ne...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules