STIGQter: STIG Summary: Router Security Requirements Guide Version: 4 Release: 2 Benchmark Date: 23 Apr 2021:

The BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.

DISA Rule

SV-207172r604135_rule

Vulnerability Number

V-207172

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-RTR-000001

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure that the router’s loopback address is used as the source address when originating traffic.

Check Contents

Review the router configuration to verify that a loopback address has been configured.

Verify that a loopback interface is used as the source address for all iBGP sessions.

If the router does not use its loopback address as the source address for all iBGP sessions, this is a finding.

Vulnerability Number

V-207172

Documentable

False

Rule Version

SRG-NET-000512-RTR-000001

Severity Override Guidance

Review the router configuration to verify that a loopback address has been configured.

Verify that a loopback interface is used as the source address for all iBGP sessions.

If the router does not use its loopback address as the source address for all iBGP sessions, this is a finding.

Check Content Reference

M

Target Key

2917

Comments