STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015: STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:SV-68599r1_rule
V-54353
SRG-NET-000061-ALG-000009
SRG-NET-000061-ALG-000009
CAT II
10
If intermediary services for remote access communications traffic are provided, configure the ALG to either provide content inspection for inbound and outbound traffic or route the traffic to be inspected for compliance with remote access security policies.
If the ALG does not serve as an intermediary for remote access traffic (e.g., web content filter, TLS and webmail), this is not applicable.
Verify the ALG is configured to inspect traffic or forward to a monitoring device for inspection prior to forwarding to inbound or outbound destinations.
Verify that the communications package is either forwarded or disallowed and that the process does not alter the original data payload that is forwarded to the destination application.
If the ALG does not ensure inbound and outbound traffic is monitored for compliance with remote access security policies, this is a finding.
V-54353
False
SRG-NET-000061-ALG-000009
If the ALG does not serve as an intermediary for remote access traffic (e.g., web content filter, TLS and webmail), this is not applicable.
Verify the ALG is configured to inspect traffic or forward to a monitoring device for inspection prior to forwarding to inbound or outbound destinations.
Verify that the communications package is either forwarded or disallowed and that the process does not alter the original data payload that is forwarded to the destination application.
If the ALG does not ensure inbound and outbound traffic is monitored for compliance with remote access security policies, this is a finding.
M
2489