Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Is there any guidance for meeting STIG requirements on an NSv?

bshortbshort Newbie ✭

The U.S. Department of Defense has published a Security Technical Implementation Guide that details the configuration settings they feel should be applied to various pieces of equipment. I am looking for any assistance on applying the network firewall requirements to a SonicWall NSv running 7.0 SonicOS.

STIG Requirements can be found here: https://www.stigviewer.com/stig/firewall_security_requirements_guide/

Thank you

Category: Firewall Management and Analytics
Reply

Answers

  • Hi @bshort,

    Thank you for visiting SonicWall Community.

    I went through the link provided by you for STIG Requirements. As per the info shared on the link, I can tell you that our SonicWall by default abides to the STIG requirements. We have to make sure security services on the SonicWall are enabled. This is because security services are license based and sometimes we may miss out configuration here if a previously non-licensed service is licensed now.

    Please feel free to take a look at the above KB article and ensure all security services are enabled on the SonicWall. The other points on the STIG requirements link represents SonicWall's default state.

    Hope this helps.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • bshortbshort Newbie ✭

    That helps. Can you tell me if SonicWall uses TCP for syslog? I thought syslog was UDP by default.

    Rule Version (STIG-ID): SRG-NET-000098-FW-000021

    Rule Title: The firewall must be configured to use TCP when sending log records to the central audit server.

  • SaravananSaravanan Moderator

    Hi @BSHORT,

    The firewall doesn't use TCP for syslog and it used only UDP at this time.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Sign In or Register to comment.