Home
Security Hardening
DISA STIG Juniper Router RTR V2R2

DISA STIG Juniper Router RTR V2R2

JUNI-RT-000040 – The Juniper router must be configured to use encryption for routing protocol authentication – IS-IS
Details A rogue router could send a fictitious routing update to convince a site’s perimeter router to send traffic to...
JUNI-RT-000040 – The Juniper router must be configured to use encryption for routing protocol authentication – OSPF
Details A rogue router could send a fictitious routing update to convince a site’s perimeter router to send traffic to...
JUNI-RT-000050 – The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 140-2 message authentication code algorithm – BGP
Details A rogue router could send a fictitious routing update to convince a site’s perimeter router to send traffic to...
JUNI-RT-000060 – The Juniper router must be configured to have all inactive interfaces disabled.
Details An inactive interface is rarely monitored or controlled and may expose a network to an undetected attack on that...
JUNI-RT-000210 – The Juniper router must be configured to produce audit records containing information to establish where the events occurred.
Details Without establishing where events occurred, it is impossible to establish, correlate, and investigate the events leading up to an...
JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – dhcp
Details A compromised router introduces risk to the entire network infrastructure, as well as data resources that are accessible via...
JUNI-RT-000220 – The Juniper router must be configured to produce audit records containing information to establish the source of the events.
Details Without establishing the source of the event, it is impossible to establish, correlate, and investigate the events leading up...
JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – finger
Details A compromised router introduces risk to the entire network infrastructure, as well as data resources that are accessible via...
JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – ftp
Details A compromised router introduces risk to the entire network infrastructure, as well as data resources that are accessible via...
JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – http
Details A compromised router introduces risk to the entire network infrastructure, as well as data resources that are accessible via...

Prev Next

DISA STIG Juniper Router RTR V2R2

JUNI-RT-000040 – The Juniper router must be configured to use encryption for routing protocol authentication – IS-IS

JUNI-RT-000040 – The Juniper router must be configured to use encryption for routing protocol authentication – OSPF

JUNI-RT-000050 – The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 140-2 message authentication code algorithm – BGP

JUNI-RT-000060 – The Juniper router must be configured to have all inactive interfaces disabled.

JUNI-RT-000210 – The Juniper router must be configured to produce audit records containing information to establish where the events occurred.

JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – dhcp

JUNI-RT-000220 – The Juniper router must be configured to produce audit records containing information to establish the source of the events.

JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – finger

JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – ftp

JUNI-RT-000070 – The Juniper router must be configured to have all non-essential capabilities disabled – http