IBM z/VM must be protected by an external firewall that has a deny-all, allow-by-exception policy.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-237966 | SRG-OS-000480-GPOS-00227 | IBMZ-VM-002360 | SV-237966r649738_rule | 2022-08-31 | 2 |
| Description |
|---|
| Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Firewalls provide monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications. |
| ℹ️ Check |
|---|
| Ask the system administrator for a network system plan. If there is no firewall defined for the IBM z/VM system, this is a finding. If the firewall does not have a deny-all, allow-by-exception policy, this is a finding. |
| ✔️ Fix |
|---|
| Ensure that the network has a firewall installed that provides a deny-all, allow-by-exception protection for the IBM z/VM system. |