AMLS-L3-000100 - The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.

Information

Information flow control regulates authorized information to travel within a network and between interconnected networks. Controlling the flow of network traffic is critical so it does not introduce any unacceptable risk to the network infrastructure or data. An example of a flow control restriction is blocking outside traffic claiming to be from within the organization. For most routers, internal information flow control is a product of system design.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Configure the router to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.

To use an IP access list to fulfill this function, enter the following commands, substituting organizational values for the bracketed variables.

ip access-list [name]
[permit/deny] [protocol] [source address] [source port] [destination address] [destination port]
exit

interface [type] [number]
ip access-group [name] [direction]

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Arista_MLS_DCS-7000_Series_Y24M07_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-4, CAT|II, CCI|CCI-001414, Rule-ID|SV-217488r382735_rule, STIG-ID|AMLS-L3-000100, STIG-Legacy|SV-75273, STIG-Legacy|V-60817, Vuln-ID|V-217488

Plugin: Arista

Control ID: f6cd54db6610d0e3b2579e6c1596498f6e99cca767693e8fc070fa10e157ff50