STIGQter: STIG Summary: Juniper SRX SG NDM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Juniper SRX Services Gateway must terminate a device management session if the keep-alive count is exceeded.

DISA Rule

SV-223232r539622_rule

Vulnerability Number

V-223232

Group Title

SRG-APP-000190-NDM-000267

Rule Version

JUSX-DM-000157

Severity

CAT II

CCI(s)

• CCI-001133 - The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Configure this setting by entering the following commands in configuration mode.

[edit]
set system services ssh client-alive-count-max <organization-defined value>
set system services ssh client-alive-interval <organization-defined value>

Check Contents

Verify this setting by entering the following commands in configuration mode.

[edit]
show system services ssh

If the keep-alive count and keep-alive interval is not set to an organization-defined value, this is a finding.

Vulnerability Number

V-223232

Documentable

False

Rule Version

JUSX-DM-000157

Severity Override Guidance

Verify this setting by entering the following commands in configuration mode.

[edit]
show system services ssh

If the keep-alive count and keep-alive interval is not set to an organization-defined value, this is a finding.

Check Content Reference

M

Target Key

4098

Comments