NET-TUNL-006 - PPS Vulnerability Assessments Mitigation Filters

Information

Tunnel end-points must implement filters in accordance with mitigations defined in PPS Vulnerability Assessments.

Allowing unknown traffic into the enclave creates high risk and the potential for compromise by an intruder. Where the PPSM has reviewed the protocols used by applications and determined that they require additional mitigation, that mitigation is necessary to protect the GIG.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Ensure the tunnel implements protocol inspection, filtering and mitigation as defined in the PPS VA reports.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Network_Perimeter_Router_L3_Switch_V8R32_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-20239r2_rule, STIG-ID|NET-TUNL-006, Vuln-ID|V-18647

Plugin: Cisco

Control ID: 521013e626edb7a161d5bdbbbe37b126ad6f72c0436999ad99063ed6ab6e6bb6