Juniper SRX Services Gateway (SG) STIG Y24M10 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Standalone XCCDF 1.1.4 - Juniper SRX SG STIG for Ansible - Ver 1, Rel 1
- Defense Information Systems Agency
-
Download Standalone XCCDF 1.1.4 - Juniper SRX Services Gateway STIG
- Defense Information Systems Agency
Target:
Target | CPE Name |
---|---|
Juniper SRX Services Gateway (SG) | cpe:/o:juniper:junos:12.1x46 (View CVEs) |
Checklist Highlights
- Checklist Name:
- Juniper SRX Services Gateway (SG) STIG
- Checklist ID:
- 657
- Version:
- Y24M10
- Type:
- Compliance
- Review Status:
- Final
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 01/27/2017
Checklist Summary:
The Juniper SRX is a series of hardware platforms that consists of two product lines, the branch series and the data center series. The two product lines differ based on support for the number and types of available interfaces, traffic throughput capacity, and the network services provided. All platforms share a common design architecture consisting of a Routing Engine (RE) and a Packet Forwarding Engine (PFE). The Juniper SRX SG STIG consists of four documents. The Juniper SRX SG NDM STIG is used to secure the RE functions, such as the Junos software, management functions, device protection, and internal information flow control. The Junos 12.1X46 is the minimum required version for DoD. The Juniper SRX SG Application Layer Gateway (ALG) STIG is used to secure the firewall configuration, which is integrated into all roles of the PFE. The Juniper SRX SG IDPS STIG is used to secure the IDPS configuration when implemented by the PFE. The Juniper SRX SG VPN STIG is used to secure the IPsec VPN configuration when implemented by the PFE.
Checklist Role:
- Router
Known Issues:
Not Provided
Target Audience:
Not Provided
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not Provided
Regulatory Compliance:
DoD Instruction (DoDI) 8500.01 All technical NIST SP 800-53 requirements were considered while developing this STIG. Requirements that are applicable and configurable will be included in the final STIG. A report marked For Official Use Only (FOUO) will be available for those items that did not meet requirements. This report will be available to component DAA personnel for risk assessment purposes by request via email to: disa.stig_spt@mail.mil
Comments/Warnings/Miscellaneous:
Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.
Disclaimer:
Not Provided
Product Support:
Not Provided
Point of Contact:
Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.
Sponsor:
Not Provided
Licensing:
Not Provided
Change History:
moved to FINAL - 6/7/2016 Updated resource - 01/27/2017 Updated to FINAL - 03/13/2017 null Updated URL to reflect change to the DISA website - http --> https Updated - 11/01/2017 Updated to FINAL - 11/27/2017 corrected resource title - 1/24/2018 updated to v1,r2 - 02/16/2018 Updated to FINAL - 3/18/2018 updated ALG to v1,r3 - 4/25/18 Updated to FINAL - 5/25/18 Updated URLs - 6/6/19 Updated URLs - 8/12/2019 Updated URL per DISA - 10/28/20 updated URLs - 11/20/2020 removed reference link per DISA - 1/28/2021 updated URLs - 4/28/2021 Updated resource per DISA - 10/26/22 Updated resource per DISA - 10/27/22 Reference & SHA updated - 08/06/2024 Updated Version - 08/08/2024 Resource and Title Updated - 10/25/2024
Dependency/Requirements:
URL | Description |
---|
References:
Reference URL | Description |
---|