Synchronize and secure all router and firewall configuration files.

UCF ID: 01291
Control Type: Process or Activity
Status: Live

Supporting and supported controls

This control directly supports:

    Configure firewalls, routers, and networking equipment to protect restricted data or information in accordance with organizational compliance mandates. [UCF Control ID 01284]

There are no supporting controls.

Authority documents complied with:

Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 1.2.1, § 1.2.2; DISA Secure Remote Computing Security Technical Implementation Guide, Version 1, Release 2, § 5.2; Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire D and Attestation of Compliance All other Merchants and all SAQ-Eligible Service Providers, Version 1.2, § 1.2.2

Payment Card Guidance

The router configuration files must be secured and synchronized. Examine the router configuration files to verify they are secure and synchronized. To ensure synchronization, verify that the configuration files for the normal running of the routers and the startup configuration files have the same secure configuration. [§ 1.2.2, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 1.2.1]

The router configuration files must be secured and synchronized. [§ 1.2.2, Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire D and Attestation of Compliance All other Merchants and all SAQ-Eligible Service Providers, Version 1.2]

Other Configuration Guidance

The organization must develop a configuration management policy and a baseline for the use and configuration of personal firewalls. [§ 5.2, DISA Secure Remote Computing Security Technical Implementation Guide, Version 1, Release 2]

Metrics

The metrics associated with this control are as follows:

    Report on the percentage of systems for which approved configuration settings have been implemented as required by policy. [UCF Control ID 02097]
    Report on the percentage of systems with configurations that do not deviate from approved standards. [UCF Control ID 02098]

Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.