Title

A device that accesses a DOD network remotely does not have a personal firewall installed. (Cat II impact)

Discussion

A personal firewall is required to protect the laptop from malicious activity while accessing a DOD network remotely.

Check Content

Because of the variation of installations, you must work with the IAO and manually check to determine the product installed. The software version can usually be verified by starting the firewall program from the toolbar icon or from the Start menu. The version number may appear in the window or be available by clicking the Help menu item and then selecting About. The location varies from product to product. If the personal firewall is supported by the JTF-GNO and is older than the current JTF-GNO-provided release, this is a finding. For technologies which do not have compatible DOD licensed personal firewalls available, then DAA approval and use of a NIAP Validated Products List with a Evaluation Assurance Level (EAL) of 2 or higher is an acceptable mitigation.

Fix Text

Install a personal firewall product that is licensed by DOD.

Additional Identifiers

Rule ID: SV-6800r1_rule

Vulnerability ID: V-6654

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.