Title

The macOS Application Firewall must be enabled. (Cat II impact)

Discussion

Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network.

Check Content

Verify the macOS system is configured to enable the built-in firewall with the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep "EnableFirewall\|EnableStealthMode" EnableFirewall = 1; EnableStealthMode = 1; If "EnableFirewall" and "EnableStealthMode" are not set to "1", this is a finding.

Fix Text

Configure the macOS system to enable the built-in firewall by installing the "Restrictions Policy" configuration profile.

Additional Identifiers

Rule ID: SV-257242r991593_rule

Vulnerability ID: V-257242

Group Title: SRG-OS-000480-GPOS-00232

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.