STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG must only allow incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

DISA Rule

SV-68883r1_rule

Vulnerability Number

V-54637

Group Title

SRG-NET-000364-ALG-000122

Rule Version

SRG-NET-000364-ALG-000122

Severity

CAT II

CCI(s)

• CCI-002403 - The information system only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

Weight

10

Fix Recommendation

Configure the ALG to only allow incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

Check Contents

Verify the ALG only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

If the ALG allows incoming communications from unauthorized sources routed to unauthorized destinations, this is a finding.

Vulnerability Number

V-54637

Documentable

False

Rule Version

SRG-NET-000364-ALG-000122

Severity Override Guidance

Verify the ALG only allows incoming communications from organization-defined authorized sources routed to organization-defined authorized destinations.

If the ALG allows incoming communications from unauthorized sources routed to unauthorized destinations, this is a finding.

Check Content Reference

M

Target Key

2489

Comments