06-16-2024 12:43 PM
A security auditor has requested we show how our FMC/FTD security devices comply with the following two controls. What can I show them to satisfy these requirements?
TIA,
SC-5: Denial of Service Protection:The information system protects against or limits the effects of the types of denial of service attacks
SC-7 (18): Fail Secure: The information system fails securely in the event of an operational failure of a boundary protection device
06-17-2024 05:41 AM
SC-5: Denial of Service Protection:The information system protects against or limits the effects of the types of denial of service attacks
This would be IPS (Policies > Intrusion) and connection time-outs (Device > Platform Settings > (relevant platform settings profile) > Timeouts).
SC-7 (18): Fail Secure: The information system fails securely in the event of an operational failure of a boundary protection device
This is high availability, so if you have active / standby failover configured you are good.
06-18-2024 06:06 PM
seems reasonable to me. Let's see what the auditors say.
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide