STIGQter: STIG Summary: Router Security Requirements Guide Version: 4 Release: 2 Benchmark Date: 23 Apr 2021:

The router must be configured to implement message authentication for all control plane protocols.

DISA Rule

SV-216982r604135_rule

Vulnerability Number

V-216982

Group Title

SRG-NET-000230

Rule Version

SRG-NET-000230-RTR-000001

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002205 - The information system uniquely identifies and authenticates source by organization, system, application, and/or individual for information transfer.

Weight

10

Fix Recommendation

Configure authentication to be enabled for every protocol that affects the routing or forwarding tables.

Check Contents

Review the router configuration.

For every protocol that affects the routing or forwarding tables (where information is exchanged between neighbors), verify that neighbor router authentication is enabled.

If authentication is not enabled, this is a finding.

Vulnerability Number

V-216982

Documentable

False

Rule Version

SRG-NET-000230-RTR-000001

Severity Override Guidance

Review the router configuration.

For every protocol that affects the routing or forwarding tables (where information is exchanged between neighbors), verify that neighbor router authentication is enabled.

If authentication is not enabled, this is a finding.

Check Content Reference

M

Target Key

2917

Comments