Check: SRG-NET-000235-ALG-000118
Application Layer Gateway (ALG) SRG (SRG):
SRG-NET-000235-ALG-000118
(in version v1 r2)
Title
The ALG must fail to a secure state upon failure of initialization, shutdown, or abort actions. (Cat II impact)
Discussion
Failure to a known safe state helps prevent systems from failing to a state that may cause loss of data or unauthorized access to system resources. Network elements that fail suddenly and with no incorporated failure state planning may leave the hosting system available but with a reduced security protection capability. Preserving information system state information also facilitates system restart and return to the operational mode of the organization with less disruption to mission-essential processes. An example is a firewall that blocks all traffic rather than allowing all traffic when a firewall component fails (e.g., fail closed and do not forward traffic). This prevents an attacker from forcing a failure of the system in order to obtain access. This applies to the configuration of the gateway or network traffic security function of the device. Abort refers to stopping a program or function before it has finished naturally. The term abort refers to both requested and unexpected terminations.
Check Content
Verify the ALG function fails to a secure state upon failure of initialization, shutdown, or abort actions. If the ALG function does not fail to a secure state upon failure of initialization, shutdown, or abort actions, this is a finding.
Fix Text
Configure the ALG to fail to a secure state upon failure of initialization, shutdown, or abort actions.
Additional Identifiers
Rule ID: SV-69019r1_rule
Vulnerability ID: V-54773
Group Title: SRG-NET-000235-ALG-000118
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001190 |
The information system fails to an organization-defined known-state for organization-defined types of failures. |
Controls
Number | Title |
---|---|
SC-24 |
Fail In Known State |