II - Mission Support Public
Rules and Groups employed by this XCCDF Profile
-
NET0346
<GroupDescription></GroupDescription>Group -
All hosted NIPRNet-only applications must be located in a local enclave Demilitarized Zone (DMZ).
<VulnDiscussion>Without the protection of a DMZ, production networks will be prone to outside attacks as they are allowing externally accessi...Rule Medium Severity -
NET0348
<GroupDescription></GroupDescription>Group -
All Internet-facing applications must be hosted in a DoD Demilitarized Zone (DMZ) Extension.
<VulnDiscussion>Without the protection of a DMZ, production networks will be prone to outside attacks as they are allowing externally accessi...Rule Medium Severity -
NET0351
<GroupDescription></GroupDescription>Group -
When protecting the boundaries of a network, the firewall must be placed between the private network and the perimeter router and the Demilitarized Zone (DMZ).
<VulnDiscussion>The only way to mediate the flow of traffic between the inside network, the outside connection, and the DMZ is to place the f...Rule Medium Severity -
NET0365
<GroupDescription></GroupDescription>Group -
The organization must implement a deep packet inspection solution when protecting perimeter boundaries.
<VulnDiscussion>Deep packet inspection (DPI) examines the packet beyond the Layer 4 header by examining the payload to identify the applicati...Rule High Severity -
NET0369
<GroupDescription></GroupDescription>Group -
A deny-by-default security posture must be implemented for traffic entering and leaving the enclave.
<VulnDiscussion>To prevent malicious or accidental leakage of traffic, organizations must implement a deny-by-default security posture at the...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.