UCF STIG Viewer Logo

Windows Firewall with Advanced Security Security Technical Implementation Guide


Overview

Date Finding Count (30)
2015-06-03 CAT I (High): 3 CAT II (Med): 12 CAT III (Low): 15
STIG Description
The Windows Firewall with Advanced Security Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-17428 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a private network.
V-17418 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a domain.
V-17438 High The Windows Firewall with Advanced Security must block unsolicited inbound connections when connected to a public network.
V-17429 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a private network.
V-17442 Medium The Windows Firewall with Advanced Security local firewall rules must not be merged with Group Policy settings when connected to a public network.
V-17443 Medium The Windows Firewall with Advanced Security local connection rules must not be merged with Group Policy settings when connected to a public network.
V-17421 Medium The Windows Firewall with Advanced Security must block unicast responses to multicast or broadcast messages when connected to a domain.
V-17415 Medium The Windows Firewall with Advanced Security must be enabled when connected to a domain.
V-17417 Medium The Windows Firewall with Advanced Security must be enabled when connected to a public network.
V-17416 Medium The Windows Firewall with Advanced Security must be enabled when connected to a private network.
V-17419 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a domain.
V-17439 Medium The Windows Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a public network.
V-17441 Medium The Windows Firewall with Advanced Security must block unicast responses to multicast or broadcast messages when connected to a public network.
V-17431 Medium The Windows Firewall with Advanced Security must block unicast responses to multicast or broadcast messages when connected to a private network.
V-36440 Medium Inbound exceptions to the firewall on domain workstations must only allow authorized remote management hosts.
V-17430 Low The Windows Firewall with Advanced Security must display notifications when a program is blocked from receiving an inbound connection when connected to a private network.
V-17446 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a public network.
V-17447 Low The Windows Firewall with Advanced Security must log successful connections when connected to a public network.
V-17444 Low The Windows Firewall with Advanced Security log file name and location must be configured for public network connections.
V-17445 Low The Windows Firewall with Advanced Security log size must be configured for public network connections.
V-17440 Low The Windows Firewall with Advanced Security must display notifications when a program is blocked from receiving an inbound connection when connected to a public network.
V-17427 Low The Windows Firewall with Advanced Security must log successful connections when connected to a domain.
V-17420 Low The Windows Firewall with Advanced Security must display notifications when a program is blocked from receiving an inbound connection when connected to a domain.
V-17424 Low The Windows Firewall with Advanced Security log file name and location must be configured for domain connections.
V-17425 Low The Windows Firewall with Advanced Security log size must be configured for domain connections.
V-17426 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a domain.
V-17437 Low The Windows Firewall with Advanced Security must log successful connections when connected to a private network.
V-17436 Low The Windows Firewall with Advanced Security must log dropped packets when connected to a private network.
V-17435 Low The Windows Firewall with Advanced Security log size must be configured for private network connections.
V-17434 Low The Windows Firewall with Advanced Security log file name and location must be configured for private network connections.