The Juniper SRX Services Gateway must have the number of rollbacks set to 5 or more.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223204 | JUSX-DM-000087 | SV-223204r961863_rule | CCI-000366 | low |
| Description |
| Backup of the configuration files allows recovery in case of corruption, misconfiguration, or catastrophic failure. The maximum number of rollbacks for the SRX is 50, while the default is 5, which is recommended as a best practice. Increasing this backup configuration number will result in increased disk usage and increase the number of files to manage. Organizations should not set the value to zero. |
| STIG | Date |
| Juniper SRX Services Gateway NDM Security Technical Implementation Guide | 2024-12-20 |
Related Frameworks
NIST 800-53 (1 mapping)
CM-6
1.00
- DISA · V3R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-171 (2 mappings)
3.4.1
1.00
- DISA · V3R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V3R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI (1 mapping)
CCI-000366
1.00
- DISA · V3R3 · disa_xccdf · related
Details
Check Text (C-223204r961863_chk)
To view the current setting for the maximum number of rollbacks, enter the following command.
[edit]
show system max-configuration-rollbacks
If the number of backup configurations is not set to an organization-defined value of 5 or more, this is a finding.
Fix Text (F-24865r513300_fix)
To configure the number of backup configurations to be stored in the configuration partition, enter the following command at the configuration hierarchy.
[edit]
set system max-configuration-rollbacks <organization-defined number>
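The check above can be run offline against saved configuration text, in either `display set` or hierarchical form. The following is an added example, not part of the STIG or any Juniper tooling; the function name, the sample configurations, and the choice to treat an unset or deactivated statement as a finding (a literal reading of the check text) are assumptions.

```python
import re

STIG_MINIMUM = 5  # threshold from the check text

# Matches "set system max-configuration-rollbacks 10" and the hierarchical
# "max-configuration-rollbacks 10;" form, with an optional "inactive:" prefix.
_STMT = re.compile(
    r"^\s*(inactive:\s*)?(?:set\s+system\s+)?max-configuration-rollbacks\s+(\d+)\s*;?\s*$"
)
_DEACTIVATE = re.compile(r"^\s*deactivate\s+system\s+max-configuration-rollbacks\s*$")

# Constructed sample inputs (not captured from a real device).
SAMPLE_SET = "set system host-name srx-lab\nset system max-configuration-rollbacks 10\n"
SAMPLE_HIER = "system {\n    host-name srx-lab;\n    max-configuration-rollbacks 3;\n}\n"
SAMPLE_INACTIVE = "system {\n    inactive: max-configuration-rollbacks 10;\n}\n"


def audit_rollbacks(config_text, org_minimum=STIG_MINIMUM):
    """Return (status, detail) where status is 'pass' or 'finding'."""
    if org_minimum < STIG_MINIMUM:
        raise ValueError("organization-defined value must be 5 or more")
    value, inactive = None, False
    for line in config_text.splitlines():
        match = _STMT.match(line)
        if match:
            # A later set line overrides an earlier one.
            inactive = bool(match.group(1))
            value = int(match.group(2))
        elif _DEACTIVATE.match(line):
            inactive = True
    if value is None:
        # Assumption: an absent statement is reported, even though the default is 5.
        return "finding", "max-configuration-rollbacks is not explicitly set"
    if inactive:
        return "finding", f"statement is deactivated (value {value})"
    if value < org_minimum:
        return "finding", f"{value} is below the required minimum of {org_minimum}"
    return "pass", f"{value} rollbacks retained"


if __name__ == "__main__":
    for name, text in [("set", SAMPLE_SET), ("hier", SAMPLE_HIER), ("inactive", SAMPLE_INACTIVE)]:
        print(name, audit_rollbacks(text))
```

Pass a higher `org_minimum` when the organization-defined value is greater than 5.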