1.6 Ensure maximum RAM is installed

Information

The router should have the maximum RAM installed.

Rationale:

Some Denial of Service attacks rely on exhausting the target routers memory resources by bombarding the router with bogus requests or traffic, when the router runs out of memory it will stop being able to service genuine requests and may be unable to perform critical tasks like maintaining route tables.

Juniper routers are somewhat more resilient to this type of attack then some other systems due to the separation of the Control and Forwarding planes, but attacks against router services may still cause disruption.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Installing the most RAM available for your system will both help to mitigate these attacks and boost performance of your routers. In most cases RAM upgrades are extremely cost effective way to increase router performance and survivability.

See Also

https://workbench.cisecurity.org/files/3069

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv7|11

Plugin: Juniper

Control ID: b2e70474a2fcdd50efe001ee6a5d068161d794790c34a1778ff5a4bb2005c5d3