Title

Network Bridges must be prohibited in Windows. (Cat II impact)

Discussion

A Network Bridge can connect two or more network segments, allowing unauthorized access or exposure of sensitive data. This setting prevents a Network Bridge from being installed and configured.

Check Content

If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Microsoft\Windows\Network Connections\ Value Name: NC_AllowNetBridge_NLA Type: REG_DWORD Value: 0

Fix Text

Configure the policy value for Computer Configuration -> Administrative Templates -> Network -> Network Connections -> "Prohibit installation and configuration of Network Bridge on your DNS domain network" to "Enabled".

Additional Identifiers

Rule ID: SV-225317r569185_rule

Vulnerability ID: V-225317

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.