DISA Microsoft Windows Firewall v1r7

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Microsoft Windows Firewall v1r7

Updated: 3/8/2022

Authority: DISA STIG

Plugin: Windows

Revision: 1.8

Estimated Item Count: 21

Audit Items

Description	Categories
WNFWA-000001 - The Windows Firewall with Advanced Security must be enabled when connected to a domain.	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000002 - The Windows Firewall with Advanced Security must be enabled when connected to a private network.	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000003 - The Windows Firewall with Advanced Security must be enabled when connected to a public network.	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000004 - The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a domain.	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000005 - The Windows Firewall must allow outbound connections when connected to a domain.	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000009 - The Windows Firewall with Advanced Security log size must be configured for domain connections.	AUDIT AND ACCOUNTABILITY
WNFWA-000010 - The Windows Firewall with Advanced Security must log dropped packets when connected to a domain.	AUDIT AND ACCOUNTABILITY
WNFWA-000011 - The Windows Firewall with Advanced Security must log successful connections when connected to a domain.	AUDIT AND ACCOUNTABILITY
WNFWA-000012 - The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a private network.	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000013 - The Windows Firewall must allow outbound connections when connected to a private network	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000017 - The Windows Firewall with Advanced Security log size must be configured for private network connections.	AUDIT AND ACCOUNTABILITY
WNFWA-000018 - The Windows Firewall with Advanced Security must log dropped packets when connected to a private network.	AUDIT AND ACCOUNTABILITY
WNFWA-000019 - The Windows Firewall with Advanced Security must log successful connections when connected to a private network.	AUDIT AND ACCOUNTABILITY
WNFWA-000020 - The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a public network.	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000021 - The Windows Firewall must allow outbound connections when connected to a public network	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000024 - The Windows Firewall must not be merged with Group Policy settings when connected to a public network	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000025 - The Windows Firewall local connection rules must not be merged with Group Policy settings	SYSTEM AND COMMUNICATIONS PROTECTION
WNFWA-000027 - The Windows Firewall with Advanced Security log size must be configured for public network connections.	AUDIT AND ACCOUNTABILITY
WNFWA-000028 - The Windows Firewall with Advanced Security must log dropped packets when connected to a public network.	AUDIT AND ACCOUNTABILITY
WNFWA-000029 - The Windows Firewall with Advanced Security must log successful connections when connected to a public network.	AUDIT AND ACCOUNTABILITY
WNFWA-000100 - Inbound exceptions to the firewall on domain workstations must only allow authorized remote management hosts.	ACCESS CONTROL

Detections

Analytics

DISA Microsoft Windows Firewall v1r7

Warning! Audit Deprecated

Audit Details

Audit Items