Check: SOL-11.1-060100
Solaris 11 x86 STIG:
SOL-11.1-060100
(in versions v2 r10 through v1 r10)
Title
The operating system must protect the confidentiality of transmitted information. (Cat II impact)
Discussion
Ensuring the confidentiality of transmitted information requires the operating system take feasible measures to employ transmission layer security. This requirement applies to communications across internal and external networks.
Check Content
All remote sessions must be conducted via encrypted services and ports. Ask the operator to document all configured external ports and protocols. If any unencrypted connections are used, this is a finding.
Fix Text
All remote sessions must be conducted via SSH and IPsec. Ensure that SSH and IPsec are the only protocols used.
Additional Identifiers
Rule ID: SV-220007r854565_rule
Vulnerability ID: V-220007
Group Title: SRG-OS-000423
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001130 |
The information system protects the confidentiality of transmitted information. |
CCI-002418 |
The information system protects the confidentiality and/or integrity of transmitted information. |
Controls
Number | Title |
---|---|
SC-8 |
Transmission Confidentiality And Integrity |