STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Firewall Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-206704r604133_rule
V-206704
SRG-NET-000364
SRG-NET-000364-FW-000032
CAT II
10
Configure a security policy to each outbound zone and/or interface to implement continuous filtering of outbound traffic.
Apply security policy zones/interfaces (including the management interface) through which outbound traffic flows to untrusted external networks or subnetworks.
Obtain and review the list of authorized sources and destinations. This is usually part of the System Design Specification, Accreditation or Authorization Package, ports, protocols, and services documentation, and Ports, Protocols, and Services Management (PPSM) database.
If the list of authorized sources and destinations is not available, this is a finding.
Review the firewall configuration for each of the configured outbound zones and interfaces.
Verify a security policy is applied to each outbound zone/interface, including the management interface.
If an egress filter is not configured for each active outbound zone or interface, this is a finding.
V-206704
False
SRG-NET-000364-FW-000032
Obtain and review the list of authorized sources and destinations. This is usually part of the System Design Specification, Accreditation or Authorization Package, ports, protocols, and services documentation, and Ports, Protocols, and Services Management (PPSM) database.
If the list of authorized sources and destinations is not available, this is a finding.
Review the firewall configuration for each of the configured outbound zones and interfaces.
Verify a security policy is applied to each outbound zone/interface, including the management interface.
If an egress filter is not configured for each active outbound zone or interface, this is a finding.
M
2912