Check: SOL-11.1-060090
Solaris 11 SPARC STIG:
SOL-11.1-060090
(in versions v3 r2 through v1 r10)
Title
The operating system must maintain the integrity of information during aggregation, packaging, and transformation in preparation for transmission. (Cat II impact)
Discussion
Ensuring the integrity of transmitted information requires the operating system take feasible measures to employ transmission layer security. This requirement applies to communications across internal and external networks.
Check Content
All remote sessions must be conducted via encrypted services and ports. Ask the operator to document all configured external ports and protocols. If any unencrypted connections are used, this is a finding.
Fix Text
All remote sessions must be conducted via SSH and IPsec. Ensure that SSH and IPsec are the only protocols used.
Additional Identifiers
Rule ID: SV-219978r958912_rule
Vulnerability ID: V-219978
Group Title: SRG-OS-000425
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002420 |
Maintain the confidentiality and/or integrity of information during preparation for transmission. |
Controls
Number | Title |
---|---|
SC-8(2) |
Pre / Post Transmission Handling |