STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The firewall must immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones.

DISA Rule

SV-206675r604133_rule

Vulnerability Number

V-206675

Group Title

SRG-NET-000019

Rule Version

SRG-NET-000019-FW-000004

Severity

CAT II

CCI(s)

• CCI-001414 - The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.

Weight

10

Fix Recommendation

Require system administrators to commit and test changes upon configuration of the firewall.

Check Contents

Verify the firewall immediately uses updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones. For example, there is no need to reinitialize or reboot or the action to commit the changes is prompted.

If the firewall does not immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones, this is a finding.

Vulnerability Number

V-206675

Documentable

False

Rule Version

SRG-NET-000019-FW-000004

Severity Override Guidance

Verify the firewall immediately uses updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones. For example, there is no need to reinitialize or reboot or the action to commit the changes is prompted.

If the firewall does not immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones, this is a finding.

Check Content Reference

M

Target Key

2912

Comments