AOSX-13-000155 - The macOS system firewall must be configured with a default-deny policy.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

An approved firewall must be installed and enabled to work in concert with the macOS Application Firewall. When configured correctly, firewalls protect computers from network attacks by blocking or limiting access to open network ports.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install an approved HBSS or firewall solution onto the system and configure it with a 'default-deny' policy.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_OS_X_10-13_V2R3_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, CCI|CCI-002080, Rule-ID|SV-214828r609363_rule, STIG-ID|AOSX-13-000155, STIG-Legacy|SV-96231, STIG-Legacy|V-81517, Vuln-ID|V-214828

Plugin: Unix

Control ID: 52d3dc3f5587cb4d840c78b21c669f2ddc161e6472ffa198226a8669a1c53454