Home
Security Hardening
DISA STIG Cisco Firewall V8R25

DISA STIG Cisco Firewall V8R25

NET0378 – The firewall must not be listening for telnet service. – ‘no telnet’
Details Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as...
NET0378 – The firewall must not be listening for telnet service. – ‘open ports’
Details Telnet is an unencrypted service which can be easily exploited, especially when used over a public network such as...
NET0380 – The firewall must reject requests for access from loopback address – ‘mgmt in’
Details The firewall must reject requests for access or services where the source address received by the firewall specifies a...
NET0380 – The firewall must reject requests for access from loopback address – ‘mgmt out’
Details The firewall must reject requests for access or services where the source address received by the firewall specifies a...
NET0380 – The firewall must reject requests for access from loopback address – ‘outside in’
Details The firewall must reject requests for access or services where the source address received by the firewall specifies a...
NET0380 – The firewall must reject requests for access from loopback address – ‘outside out’
Details The firewall must reject requests for access or services where the source address received by the firewall specifies a...
NET0386 – Alerts must be automatically generated to notify the administrator when log storage reaches seventy-five percent or more
Details Alerts must be automatically generated to notify the administrator when log storage reaches seventy-five percent or more of its...
NET0388 – The network device must dump logs when they reach 75% capacity to a syslog server.
Details Having a procedure tested and verified will prevent the logs from filling when they reach 75% capacity. Solution Configure...
NET0390 – The network devices must be configured to alert the administrator of a potential attack or system failure.
Details The IDS or firewall is the first device that is under the sites control that has the possibility to...
NET0391 – Critical alerts must be generated and notifications sent to authorized personnel regardless if the person is logged in.
Details By immediately displaying an alarm message, identifying the potential security violation and making it accessible with the audit record...

Prev Next

DISA STIG Cisco Firewall V8R25

NET0378 – The firewall must not be listening for telnet service. – ‘no telnet’

NET0378 – The firewall must not be listening for telnet service. – ‘open ports’

NET0380 – The firewall must reject requests for access from loopback address – ‘mgmt in’

NET0380 – The firewall must reject requests for access from loopback address – ‘mgmt out’

NET0380 – The firewall must reject requests for access from loopback address – ‘outside in’

NET0380 – The firewall must reject requests for access from loopback address – ‘outside out’

NET0386 – Alerts must be automatically generated to notify the administrator when log storage reaches seventy-five percent or more

NET0388 – The network device must dump logs when they reach 75% capacity to a syslog server.

NET0390 – The network devices must be configured to alert the administrator of a potential attack or system failure.

NET0391 – Critical alerts must be generated and notifications sent to authorized personnel regardless if the person is logged in.