The router must enforce information flow control based on organization-defined metadata.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-278999 | SRG-NET-000280-RTR-000001 | SV-278999r1137945_rule | CCI-000030 | medium |
| Description | ||||
| Enforcing allowed information flows based on metadata enables simpler and more effective flow control. Metadata is information used to describe the characteristics of data. Metadata can include structural metadata describing data structures (e.g., data format, syntax, and semantics) or descriptive metadata describing data contents (e.g., age, location, telephone number). This requirement also applies to Zero Trust initiatives. | ||||
| STIG | Date | |||
| Router Security Requirements Guide | 2025-09-10 | |||
Details
Check Text (C-278999r1137945_chk)
Verify the router is configured to enforce information flow control based on organization-defined metadata.
If the router does not enforce information flow control based on organization-defined metadata, this is a finding.
Fix Text (F-83452r1137944_fix)
Configure the router to enforce information flow control based on organization-defined metadata.