NET-TUNL-007 - Deny-by-Default Security Posture

Information

Tunnel entry and exit points must be in a deny-by-default security posture.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Apply a deny by default posture on every tunnel end-point.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_Perimeter_Router_L3_Switch_V8R32_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-20240r2_rule, STIG-ID|NET-TUNL-007, Vuln-ID|V-18648

Plugin: Cisco

Control ID: e0904cc7cd4c896d3f971de517bb5760ee08078c1196ccd53fcf4cce283517bc