The Juniper SRX Services Gateway must have the number of rollbacks set to 5 or more.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223204 | JUSX-DM-000087 | SV-223204r961863_rule | CCI-000366 | low |
| Description | ||||
| Backup of the configuration files allows recovery in case of corruption, misconfiguration, or catastrophic failure. The maximum number of rollbacks for the SRX is 50 while the default is 5 which is recommended as a best practice. Increasing this backup configuration number will result in increased disk usage and increase the number of files to manage. Organizations should not set the value to zero. | ||||
| STIG | Date | |||
| Juniper SRX Services Gateway NDM Security Technical Implementation Guide | 2024-12-20 | |||
Details
Check Text (C-223204r961863_chk)
To view the current setting for maximum number of rollbacks enter the following command.
[edit]
show system max-configuration-rollbacks
If the number of back up configurations is not set to an organization-defined value which is 5 or more, this is a finding.
Fix Text (F-24865r513300_fix)
To configure number of backup configurations to be stored in the configuration partition enter the following command at the configuration hierarchy.
[edit]
set system max-configuration-rollbacks <organization-defined number>