Navigate

Check: WN16-00-000310

Microsoft Windows Server 2016 STIG: WN16-00-000310 (in versions v2 r8 through v1 r1)

Title

A host-based firewall must be installed and enabled on the system. (Cat II impact)

Discussion

A firewall provides a line of defense against attack, allowing or blocking inbound and outbound connections based on a set of rules.

Check Content

Determine if a host-based firewall is installed and enabled on the system. If a host-based firewall is not installed and enabled on the system, this is a finding. The configuration requirements will be determined by the applicable firewall STIG.

Fix Text

Install and enable a host-based firewall on the system.

Additional Identifiers

Rule ID: SV-224846r852299_rule

Vulnerability ID: V-224846

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.
CCI-002080	The organization employs either an allow-all, deny-by-exception or a deny-all, permit-by-exception policy for allowing organization-defined information systems to connect to external information systems.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CA-3 (5)	Restrictions On External System Connections
CM-6	Configuration Settings