Navigate

Check: WN19-00-000280

Microsoft Windows Server 2019 STIG: WN19-00-000280 (in versions v2 r9 through v1 r1)

Title

Windows Server 2019 must have a host-based firewall installed and enabled. (Cat II impact)

Discussion

A firewall provides a line of defense against attack, allowing or blocking inbound and outbound connections based on a set of rules.

Check Content

Determine if a host-based firewall is installed and enabled on the system. If a host-based firewall is not installed and enabled on the system, this is a finding. The configuration requirements will be determined by the applicable firewall STIG.

Fix Text

Install and enable a host-based firewall on the system.

Additional Identifiers

Rule ID: SV-214936r852535_rule

Vulnerability ID: V-214936

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.
CCI-002080	The organization employs either an allow-all, deny-by-exception or a deny-all, permit-by-exception policy for allowing organization-defined information systems to connect to external information systems.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CA-3 (5)	Restrictions On External System Connections
CM-6	Configuration Settings