Details

A firewall is a piece of software that blocks unwanted incoming connections to a system. Apple has posted general documentation about the application firewall.

http://support.apple.com/en-us/HT201642

Rationale:

A firewall minimizes the threat of unauthorized users from gaining access to your system while connected to a network or the Internet.

Impact:

The firewall may block legitimate traffic. Applications that are unsigned will require special handling.

Solution

Perform the following to implement the prescribed state:

Open System Preferences

Select Security & Privacy

Select Firewall

Select Turn On Firewall

Alternatively:

Run the following command in Terminal:

defaults write /Library/Preferences/com.apple.alf globalstate – int

Where is:

1 = on for specific services

2 = on for essential services

Additional Information:

http://docs.info.apple.com/article.html?artnum=306938

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/3092

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.

References

• 800-53|SC-7(12)
• CSCv6|9.2

Source

• Tenable.com/audits